On Fri, Oct 08, 2004 at 11:48:49AM +0100, Marcus Williams wrote: > I'm looking at either proftpd or vsftpd but what I want is to set it > up so that users can login with a password that is different to their > shell password so that their shell passwords are not broadcast in > plaintext every time they update their websites etc.
You can use a separate (LDAP, RDBMS, RADIUS) database for password authentication with the FTP daemon so that you don't mix remote shell passwords and FTP passwords. Proftpd provides, IIRC, modules that integrate with external databases. Maybe you can use integration through PAM foe vsftpd but I'm not sure if it will be possible. In any case, make sure that the FTP areas they access are not their home areas since a rogue user that intercepts their FTP password could easily install trojans in their profile scripts (.profile, .bashrc, .bash_profile, etc..) Regards Javier
signature.asc
Description: Digital signature