Change Ftp Password 'BUG'

nbhosting (Verified User, joined Aug 6, 2004, 25 messages)
Hi,

I've got a problem and a pretty big security issue.

When one of my users changes his FTP password, both the old and the new password can be used to gain access to FTP.
Somehow the old password doesn't get deleted.

How can I fix this issue?
 
Hello,

Likely proftpd is granting access to the system ftp account using PAM instead of the /etc/proftpd.passwd file.

In your /etc/proftpd.conf, change:

#AuthPAM off

to

AuthPAM off

then restart proftpd.

The correct solution for us would be to remove the "change password" option for the system ftp account completely, to prevent the ftp password from being different from the DA password.

Currently, we allow the ftp password to be set independently from the DA password, but in reality, it's probably best that they stay linked together.

John
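As an added example (not from the thread and not DirectAdmin's or proftpd's own code), a small POSIX shell helper that applies John's change idempotently. It covers the three states the thread reports for the directive (commented out as `#AuthPAM off`, set to `on`, or absent from proftpd.conf entirely) and offers a check for whether the binary was built with mod_auth_pam, because a later reply notes that binaries without PAM compiled in error on restart when the directive is present. `proftpd -l` (list compiled-in modules) is a real proftpd option; everything else here is assumed-generic shell.

```shell
#!/bin/sh
# Added example (not from the thread): make sure proftpd.conf carries an
# active "AuthPAM off" so the system FTP account is authenticated only
# against /etc/proftpd.passwd and not, in parallel, against the PAM/system
# password. Two valid passwords for one account is the bug being discussed.

# Returns 0 if the installed proftpd lists mod_auth_pam among its
# compiled-in modules (proftpd -l). Without that module the directive is
# unknown and proftpd refuses to start, so only add it when this succeeds.
proftpd_has_pam() {
    command -v proftpd >/dev/null 2>&1 || return 1
    proftpd -l 2>/dev/null | grep -q 'mod_auth_pam'
}

# ensure_authpam_off CONF
# Rewrite CONF so it contains exactly one active "AuthPAM off" line:
# "#AuthPAM off" is uncommented, "AuthPAM on" is flipped, and a missing
# directive is appended. Other lines are left untouched.
ensure_authpam_off() {
    conf=$1
    tmp="$conf.tmp.$$"
    pat='^[[:space:]]*#*[[:space:]]*[Aa]uth[Pp][Aa][Mm][[:space:]]+([Oo][Nn]|[Oo][Ff][Ff])[[:space:]]*$'
    if grep -E -q "$pat" "$conf"; then
        # Normalise every AuthPAM line, commented or not, to the active form.
        sed -E "s/$pat/AuthPAM off/" "$conf" > "$tmp"
    else
        cat "$conf" > "$tmp"
        printf 'AuthPAM off\n' >> "$tmp"
    fi
    mv "$tmp" "$conf"
}

# authpam_state CONF: prints the effective setting, "on", "off" or "unset".
# Commented lines do not count because their first field starts with '#'.
authpam_state() {
    awk 'tolower($1) == "authpam" { state = tolower($2) }
         END { print (state == "" ? "unset" : state) }' "$1"
}

# Typical use on a server (then restart proftpd as the thread says):
#   proftpd_has_pam && ensure_authpam_off /etc/proftpd.conf
```

After the edit, `authpam_state /etc/proftpd.conf` should print `off`; the real confirmation is that a login with the old system password is now refused while the proftpd.passwd password still works.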
 
DirectAdmin Support said:
Currently, we allow the ftp password to be set independently from the DA password, but in reality, it's probably best that they stay linked together.

Especially if there's no warning :rolleyes:. We had a client call us with an emergency request to change all passwords for a site, and we thought we had :(.

Jeff
 
DirectAdmin Support said:
#AuthPAM off

to

AuthPAM off

then restart proftpd.

In two installations I checked today the AuthPAM line wasn't included in the proftpd.conf file.

So I added it.

It appears to fix the problem and not cause any of its own.

Should we make this change in all our installations?

What problems might we expect?

Jeff
 
Hi Jeff,

I've removed the "change" password button in the ftp accounts page. This will prevent the passwords from getting out of sync. The ftp password should already be updated when you change your User password in the current version of DA.

AuthPAM off

is the desired setting for all machines, but we couldn't set it by default as some binaries didn't have pam compiled in (also the desired option). The ones that didn't have it compiled in will error on restart if it's there, thus we don't add it. If the ftp password stored in the proftpd.passwd file matches the DA username, then it doesn't matter if it's on or off.

John
 
OK, I have the same problem, but

when I use AuthPAM off,
how can I change the primary FTP password??

Because when I use "change password" for a username in the reseller options, it doesn't update the password in proftpd.passwd,

so when I use AuthPAM off I'm not able to use the new password for the primary FTP account...

because in the enhanced skin we don't have any option to change the password of the PRIMARY FTP ACCOUNT in FTP management...
 
Hello,

I do remember looking at someone's server regarding the proftpd.passwd not updating. I'm fairly certain it was a coding error somewhere, but can't remember the exact details... something about not having a domain as admin, thus there was no account in DA's mind. I think the workaround is to add a fake domain to the admin account, but the next release will have the fix.

John
 
OK, and what do I do now to change the primary FTP account??

Because now we have 7 DirectAdmin servers with the same problem..
 
Hello,

The current workaround is to create a fake domain in your admin account, then change your password.

The alternative is to manually set the password in the /etc/proftpd.passwd file. You can generate the crypt using:
PHP:
[server]# php
<?php
// first argument: the new ftp password; second argument: the salt
echo crypt("yourpass", "randomword");
?>
add a few blank spaces, then press ctrl+D once (twice if it doesn't close). The crypted pass should be spit out.
You'd place the crypt in the 2nd option (colon separated) in your proftpd.passwd file.

John
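As an added example (not code from the thread, DirectAdmin or proftpd), the manual edit John describes, scripted so that the new hash lands only in the second colon-separated field of the right user's line and every other line and field of proftpd.passwd is preserved. The AuthUserFile layout (user:hash:uid:gid:gecos:home:shell) is proftpd's documented passwd(5) format; the `make_hash` helper assumes `openssl passwd` is installed and is interchangeable with the PHP crypt() call above, and the sample entries in the comments are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): replace the password hash of one
# user in a proftpd AuthUserFile (passwd(5) layout, colon separated, hash
# in field 2) without touching any other line or field.

# set_ftp_hash FILE USER HASH
# Returns 1 when USER has no entry, so a typo does not silently do nothing.
set_ftp_hash() {
    file=$1; user=$2; hash=$3
    tmp="$file.tmp.$$"
    grep -q "^$user:" "$file" || { echo "no entry for $user in $file" >&2; return 1; }
    # Match on field 1 exactly and rewrite field 2 only.
    awk -F: -v OFS=: -v u="$user" -v h="$hash" '$1 == u { $2 = h } { print }' "$file" > "$tmp"
    # The file holds password hashes; keep it unreadable to ordinary users.
    chmod 600 "$tmp" && mv "$tmp" "$file"
}

# get_ftp_hash FILE USER: print the stored hash (empty if no such user).
get_ftp_hash() {
    awk -F: -v u="$2" '$1 == u { print $2 }' "$1"
}

# make_hash PASSWORD: a crypt(3)-style hash via openssl (assumed installed).
# The thread's "php crypt()" one-liner produces the same kind of string.
make_hash() {
    openssl passwd -1 "$1"
}

# Constructed example of use; a real run would name /etc/proftpd.passwd:
#   set_ftp_hash /etc/proftpd.passwd alice "$(make_hash 'new-password')"
# Before:  alice:$1$oldsalt$oldhash:1001:1001::/home/alice:/bin/false
# After:   alice:<new hash>:1001:1001::/home/alice:/bin/false
```

Because AuthPAM off makes this file the only source of truth for the account, verify after the edit that the old password is refused and the new one accepted; if both still work, PAM is still being consulted.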
 
So now I have many passwords to change manually if I activate AuthPAM off...

Many accounts work with the old password...
and if I put AuthPAM off,
many users are going to email me, because they have changed the password in their user panel and with AuthPAM off the FTP password is going to be the old one...

When is the new release with this bug fixed going to be out?

Thanks for the support..

But this bug is not funny when you have many clients..

:( :rolleyes: :(
 
Next release of DA is scheduled for the 10th of May.
I can give you the fixed binaries now if you'd like. Just make a request for the new binaries with your OS to [email protected] and I can compile/package them for you.

John
 
When I change a password for a user in the user control panel, the main FTP password is still the old one. The user isn't an admin.
So I think when I update to the next release, customers cannot change their main FTP account's password anymore. Am I right?
 
Hello,

There is no longer an option to change the main account ftp password. The ftp password will be permanently linked to the DA account password. The fix for this release is just for an account that doesn't have a domain, so this may not apply.
Either way, update DA to the latest version, test it out and see if the problem persists.

John
 
I have updated DA and it works fine.
When I change a user password it also changes the main FTP account password. That's OK, but it didn't work before.
 