August 14th, 2002, 11:11 PM
FreeBSD: FTPd, or ProFTPd
Hi, I am looking at using FTPd, or ProFTPd with the TLS/SSL wrapper. But I am having a bit of trouble deciding which daemon to use. Does anyone have any experience with the FTPd that comes with FreeBSD, or with ProFTPd?
From what I have read, ProFTPd, seems to have more 'security' settings. But I haven't read much about FTPd, yet. Any suggestions, tips, hints, or user experiences are very much appreciated.
August 14th, 2002, 11:31 PM
I had implemented ProFTPD for the ability to take advantage of directory level controls, like that of .httaccess for apache, and it worked beautifully. Having it run as a non-user seems to have it's advantages as well for reasons of inability to leverage root access, etc. Some versions that I had attempted to install from the ports on 4.2-stable had some make issues with inabilities to locate Xinetd even though it isn't supposed to be required, but the version from the 4.6 ports tree has worked flawlessly. I've never had any issues with FTPD, though it didn't seem to be as robust in logging abilities and access controls.
\"I believe that you can reach the point where there is no longer any difference between developing the habit of pretending to believe and developing the habit of believing.\"
August 21st, 2002, 03:46 PM
There is a second alternative you may want to consider - take a look at PureFTP .... It does not contain a lot of the "fluff" of some other FTP servers but performs FTP functions very well.
I "think" it is listed in the FTP server section in the installation of prepackaged packages for FreeBSD... If not it compiles and installs easily...
One real nice "feature" is it is self-contained as you do not need to setup a bin/ temp/ sys/ folder set for each user account directory or setup different *nix programs (such as ls) to view the directory content.
A second feature is you can setup MySQL as the authentication mechanism for the FTP server - including upload and download speed per user, where the user's directory is - and the user does not need to be in the passwd file (no user account on the server)....
The server does not run at root level (with the exception of using the *nix passwd file access - and this can be disabled if using an alternative authentication method) which makes it almost impervious to hacking (I would say totally secure - but there is no such thing ... other than a disconnected, powered down server locked in a bank vault)....
Check it out - I have used both of the FTP servers you listed but found them lacking in one way or another.... I currently use on this server for FTP services...
Also - this server is very easy to configure and *does* an exellent job of "jailing" the user to their directory (can not transverse the directory tree above their directory)...