Thu - May 29, 2008 : 06:20 pm
Postgres Authentication in Proftpd
Today I was commissioned to create an FTP server here at work. Through persistent pestering of the hideously insecure nature of FTP in general, my boss let me dedicate an entire server just for the company's need to FTP. This was to negate the possibility of any hacking of the web server, should the FTP server be compromised. It's even going to be restricted to its own subnet.
All technicalities aside, my boss told me just to put up a "quick" site for a "couple" of users. Well, I've been a web dev for long enough to know better. A "quick" site put up quickly becomes the site everyone uses, and the subject of incessant requests for improvement.
I didn't want that to be the case for this FTP server, so I spent the time and hopefully did it right.
I'm using Proftpd 1.3.1 on gentoo (of course), and I'm authenticating through a postgres database. Yes, it's probably overkill, but at least I'll be able to sleep at night after 5,000 people are using it each having their own repositories.
Here's how the config looks, just in case anyone is trying to do the same.
ServerName "Natures Way FTP Server"
SQLConnectInfo proftpd@localhost username password 120
SQLNamedQuery get_user_info SELECT "username, passwd, uid,gid,homedir,shell FROM users WHERE username = '%U' LIMIT 1;"
I created a simple table containing username, passwd, uid, gid, homedir, and shell fields and I was off!
Anyway... I just thought of putting in a quick 'n' dirty reference for anyone trying to use postgres authentication through proftpd.
Hope it helped (and sorry it wasn't very thorough. I had about 10 minutes to throw this together)