[PLUG] kwu-ftpd newbie

Shahms King shahms at shahms.com
Tue Jan 14 15:09:01 UTC 2003


On Tue, 2003-01-14 at 14:23, josh rosenbaum wrote:
> I'm trying to configure an FTP server on a RedHat 7.2 box running kwu-ftpd
> 0.2.0 (whatever comes with the RedHat distro).  Security isn't my main goal
> (it will be down the line), but my main goal is to just have it work period.

Regardless of "just having it work" or not, wu-ftp is horrible.  I
cannot stress this enough; just say no.  There are rpms out there for
vsftpd (recommended) and ProFTPD.  Both of these are better packages,
and it's next to impossible to be less secure than wu-ftp. It's one of
the single most exploitable programs out there with a long, long history
of regular and serious problems.  I can't fathom why distributions still
persist in shipping it.

> I've got it set up so that I can ping it, and I even get a login screen from
> and FTP client on another machine.  The problem is that I can't seem to
> successfully set up a user account within the ftp program that can log in.
> I have anonymous set up with fairly decent access.

Take at look at /etc/pam.d/ftp that file defines the
security/authentication modules that the ftp service will use.
The format of that file can be a little obscure but I'm guessing that's
where the problem is.
-- 
Shahms King <shahms at shahms.com>





More information about the PLUG mailing list