[prev in list] [next in list] [prev in thread] [next in thread]
List: proftpd-committers
Subject: [ProFTPD-committers] proftpd/doc/howto Authentication.html, 1.10, 1.11
From: TJ Saunders <castaglia () users ! sourceforge ! net>
Date: 2013-08-19 16:32:25
Message-ID: E1VBSNX-0007de-Ic () sfs-ml-2 ! v29 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Update of /cvsroot/proftp/proftpd/doc/howto
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv17398/doc/howto
Modified Files:
Authentication.html
Log Message:
Update Auth howto links. Added FAQ about getting passwords logged.
Index: Authentication.html
===================================================================
RCS file: /cvsroot/proftp/proftpd/doc/howto/Authentication.html,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- Authentication.html 4 Jan 2010 17:58:33 -0000 1.10
+++ Authentication.html 19 Aug 2013 16:32:23 -0000 1.11
@@ -69,8 +69,7 @@
<p><a name="directives"><b>Configuration Directives</b><br>
There are several configuration directives that can cause login problems.
-The most common one is <a \
href="http://www.proftpd.org/docs/directives/linked/config_ref_RequireValidShell.html"><code>RequireValidShell</code></a>, \
so
-common that it is a
+The most common one is <a \
href="../modules/mod_auth.html#RequireValidShell"><code>RequireValidShell</code></a>, \
so common that it is a <a \
href="http://www.proftpd.org/docs/faq/faq_full.html#AEN267">FAQ</a>. If \
<code>proftpd</code> does not actually <i>use</i> the shell configured for a user, \
why does it check to see if the shell is valid by looking in @@ -87,7 +86,7 @@
<code>root</code> (or has a UID of zero, and hence has root privileges).
Logging in as <code>root</code> is dangerous, and should be avoided if
possible. If you do find it absolutely necessary to login as <code>root</code>,
-<i>please</i> use <a href="TLS.html">SSL/TLS</a>, or at least <a \
href="SSH.html">tunnel</a> your FTP connection using SSH. The <a \
href="http://www.proftpd.org/docs/directives/linked/config_ref_RootLogin.html"><code>RootLogin</code></a> \
configuration directive is needed +<i>please</i> use <a href="TLS.html">SSL/TLS</a>, \
or at least <a href="SSH.html">tunnel</a> your FTP connection using SSH. The <a \
href="../modules/mod_auth.html#RootLogin"><code>RootLogin</code></a> configuration \
directive is needed in your <code>proftpd.conf</code> in order for \
<code>proftpd</code> to explicitly allow root logins.
@@ -100,14 +99,15 @@
file name, I agree. <code>proftpd</code> was made to similarly honor any \
<code>/etc/ftpusers</code> file by default in order to ease the pain for sites \
migrating from <code>wu-ftpd</code> to <code>proftpd</code>. Disabling \
<code>proftpd</code>'s check for this file is as simple as using the
-<a href="http://www.proftpd.org/docs/directives/linked/config_ref_UseFtpUsers.html"><code>UseFtpUsers</code></a> \
configuration directive, like so: +<a \
href="../modules/mod_auth.html#UseFtpUsers"><code>UseFtpUsers</code></a> \
+configuration directive, like so: <pre>
UseFtpUsers off
</pre>
in your <code>proftpd.conf</code> file.
<p>
-The <a href="http://www.proftpd.org/docs/directives/linked/config_ref_PersistentPasswd.html"><code>PersistentPasswd</code></a> \
configuration directive can +The <a \
href="../modules/mod_auth_unix.html#PersistentPasswd"><code>PersistentPasswd</code></a> \
configuration directive can be necessary in some environments, particularly those \
that use NIS/YP, NSS modules, or (in the case of Mac OSX) the <code>netinfo</code> \
service. In order to be able to lookup and map UIDs and GIDs to names, as when
@@ -206,22 +206,22 @@
</li>
<p>
- <li><a href="http://www.proftpd.org/docs/modules/mod_auth_file.html"><code>mod_auth_file</code></a><br>
+ <li><a href="../modules/mod_auth_file.html"><code>mod_auth_file</code></a><br>
Handles the <code>AuthUserFile</code> and <code>AuthGroupFile</code> directives, \
for storing user account information in <a href="AuthFiles.html">other files</a> \
</li>
<p>
- <li><a href="http://www.proftpd.org/docs/directives/linked/config_ref_mod_ldap.html"><code>mod_ldap</code></a><br>
+ <li><a href="../contrib/mod_ldap.html"><code>mod_ldap</code></a><br>
Handles user account information stored in LDAP directories
</li>
<p>
- <li><a href="http://www.proftpd.org/docs/contrib/mod_radius.html"><code>mod_radius</code></a><br>
+ <li><a href="../contrib/mod_radius.html"><code>mod_radius</code></a><br>
Handles user account information provided by RADIUS servers
</li>
<p>
- <li><a href="http://www.proftpd.org/docs/contrib/mod_sql.html"><code>mod_sql</code></a><br>
+ <li><a href="../contrib/mod_sql.html"><code>mod_sql</code></a><br>
Handles user account information stored in <a href="SQL.html">SQL tables</a>
</li>
</ul>
@@ -255,7 +255,7 @@
in the <code>SQLAuthenticate</code> directive of <code>mod_sql</code>, are
examples of this authoritativeness. In general, it is best to avoid using
such mechanisms, and to use the
-<a href="http://www.proftpd.org/docs/directives/linked/config_ref_AuthOrder.html"><code>AuthOrder</code></a> \
configuration directive instead. +<a \
href="../modules/mod_core.html#AuthOrder"><code>AuthOrder</code></a> configuration \
directive instead.
<p>
The following illustrates a situation where <code>AuthOrder</code> is
@@ -285,6 +285,15 @@
Note that the <code>mod_auth.c</code> module should <b>never</b> be used in an
<code>AuthOrder</code> directive.
+<p><a name="FAQ"></a>
+<b>Frequently Asked Questions</b><br>
+
+<p><a name="LogPassword">
+<font color=red>Question</font>: How can I configure <code>proftpd</code> to
+log/show the password typed by the user?<br>
+<font color=blue>Answer</font>: You cannot. Period. The <code>proftpd</code>
+code goes out of its way to ensure that the password is never logged.
+
<p>
<hr>
Last Updated: <i>$Date$</i><br>
------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
ProFTPD Committers Mailing List
proftpd-committers@proftpd.org
https://lists.sourceforge.net/lists/listinfo/proftp-committers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic