Eliminate the need for user accounts for ftp users with proftpd and mysql
The proftpd ftp daemon is a powerful ftp daemon with a configuration syntax much like Apache. It has a whole slew of options not available in most ftp daemons, including ratios, virtual hosting, and a modularized design that allows people to write their own modules.
One such module is mod_sql , which allows proftpd to use a SQL database as its back end authentication source. Currently, mod_sql supports MySQL and PostgreSQL. This can be a good way to help lock down access to your server, as inbound users will authenticate against the database (and therefore not require an actual shell account on the server). In this hack, we'll get proftpd authenticating against a MySQL database.
First, download and build the source to proftpd and mod_sql:
~$ bzcat proftpd-1.2.6.tar.bz2 | tar xf - ~/proftpd-1.2.6/contrib$ tar zvxf ../../mod_sql-4.08.tar.gz ~/proftpd-1.2.6/contrib$ cd .. ~/proftpd-1.2.6$ ./configure --with-modules=mod_sql:mod_sql_mysql \ --with-includes=/usr/local/mysql/include/ \ --with-libraries=/usr/local/mysql/lib/
(Naturally, substitute the path to your mysql install, if it isn't in /usr/local/mysql/.) Now, build the code and install it:
rob@catlin:~/proftpd-1.2.6$ make && sudo make install
Next, create a database for proftpd to use (assuming that you already have mysql up and running):
$ mysqladmin create proftpd
then permit read-only access to ...