Recent Posts

Pages: [1] 2 3 ... 10
1
mod_tls / Re: Cannot get OCSP stapling to work
« Last post by firefoxthegreat on Today at 08:42:02 am »
Ok, I started a new thread over in the filezilla forums: https://forum.filezilla-project.org/viewtopic.php?f=2&t=45684
2
Announcements / executive leadership program
« Last post by skraihansarkar on Today at 07:45:59 am »
 executive leadership program
3
Hi Castaglia,

Just in case that wasn't enough here is the output of proftpd -nd10 so you can also see if anything pops up from this output:

Be aware, I have remove certain things from the output as I saw them as unnecessary and made the output too large to port in code tags.
Code: [Select]
2017-06-25 23:21:16,980 proftpd01: ROOT PRIVS at main.c:1227
2017-06-25 23:21:16,980 proftpd01: RELINQUISH PRIVS at main.c:1231
2017-06-25 23:21:16,981 proftpd01 ([98.210.182.246]): session requested from client in unknown class
2017-06-25 23:21:16,981 proftpd01 ([98.210.182.246]): performing module session initializations
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_wrap2.c:152
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_wrap2.c:155
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_sftp.c:1674
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_sftp.c:1677
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): ROOT PRIVS at keys.c:2001
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at keys.c:2008
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): ROOT PRIVS at keys.c:703
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at keys.c:710
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): ROOT PRIVS at keys.c:703
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at keys.c:710
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): ROOT PRIVS at keys.c:2001
2017-06-25 23:21:16,982 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at keys.c:2008
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): mod_cap/1.1: adding CAP_SETUID and CAP_SETGID capabilities
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): mod_cap/1.1: adding CAP_AUDIT_WRITE capability
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): mod_ident/1.0: ident lookup disabled
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_delay.c:1756
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_delay.c:1759
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_log.c:2085
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_log.c:2088
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_auth.c:140
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): opening scoreboard '/var/run/proftpd/proftpd.scoreboard'
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_auth.c:142
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): connected - local  : 172.21.53.21:2222
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): connected - remote : 98.210.182.246:36278
2017-06-25 23:21:16,983 proftpd01 ([98.210.182.246]): SSH2 session opened.
2017-06-25 23:21:16,998 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'KEXINIT' to mod_log
2017-06-25 23:21:17,049 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'ECDH_INIT' to mod_log
2017-06-25 23:21:17,067 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'NEWKEYS' to mod_log
2017-06-25 23:21:17,118 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'SERVICE_REQUEST' to mod_log
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_tls
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_auth
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching POST_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USER jmalena' to mod_log
2017-06-25 23:21:17,130 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USERAUTH_REQUEST' to mod_log
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_tls
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_auth
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching POST_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USER jmalena' to mod_log
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_vroot
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap2
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:17,143 proftpd01 ([98.210.182.246]): retrieved group 'sftpusers' for GID 111
2017-06-25 23:21:17,144 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
2017-06-25 23:21:17,144 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
2017-06-25 23:21:17,144 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:17,145 proftpd01 ([98.210.182.246]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_vroot
2017-06-25 23:21:17,145 proftpd01 ([98.210.182.246]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_wrap2
2017-06-25 23:21:17,145 proftpd01 ([98.210.182.246]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
2017-06-25 23:21:17,146 proftpd01 ([98.210.182.246]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
2017-06-25 23:21:17,146 proftpd01 ([98.210.182.246]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
2017-06-25 23:21:17,146 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USERAUTH_REQUEST' to mod_log
2017-06-25 23:21:17,159 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_tls
2017-06-25 23:21:17,159 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_auth
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching POST_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USER jmalena' to mod_log
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_vroot
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap2
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:17,160 proftpd01 ([98.210.182.246]): retrieved group 'sftpusers' for GID 111
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): ROOT PRIVS at rfc4716.c:505
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at rfc4716.c:508
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_vroot
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_wrap2
2017-06-25 23:21:17,161 proftpd01 ([98.210.182.246]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
2017-06-25 23:21:17,174 proftpd01 ([98.210.182.246]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
2017-06-25 23:21:17,174 proftpd01 ([98.210.182.246]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
2017-06-25 23:21:17,174 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USERAUTH_REQUEST' to mod_log
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_tls
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_core
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'USER jmalena' to mod_auth
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching POST_CMD command 'USER jmalena' to mod_delay
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching LOG_CMD command 'USER jmalena' to mod_log
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_vroot
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap2
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:17,185 proftpd01 ([98.210.182.246]): retrieved group 'sftpusers' for GID 111
2017-06-25 23:21:17,186 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
2017-06-25 23:21:17,186 proftpd01 ([98.210.182.246]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
2017-06-25 23:21:17,186 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:17,186 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_sftp_pam.c:351
2017-06-25 23:21:17,189 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_sftp_pam.c:390
2017-06-25 23:21:17,189 proftpd01 ([98.210.182.246]): ROOT PRIVS at mod_sftp_pam.c:428
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at mod_sftp_pam.c:557
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): ROOT PRIVS at auth.c:1358
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at auth.c:1360
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): retrieved group ID: 111
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): retrieved group name: sftpusers
2017-06-25 23:21:19,715 proftpd01 ([98.210.182.246]): USER PRIVS 9366 at auth.c:350
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at auth.c:352
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]):
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): Config for ProFTPD:
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): Limit
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]):  AllowAll
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): DefaultRoot
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): Umask
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SyslogLevel
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): ServerLog
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPEngine
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPOptions
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPLog
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPHostKey
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPHostKey
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPAuthorizedUserKeys
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPCompression
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): MaxClientsPerUser
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): MaxLoginAttempts
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPClientMatch
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SFTPClientMatch
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): WrapEngine
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): WrapUserTables
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): WrapLog
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): Limit
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]):  AllowAll
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): ServerIdent
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): Umask
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): AllowOverwrite
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): SiteMiscEngine
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): AuthPAM
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): ROOT PRIVS at auth.c:419
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): opening TransferLog '/var/log/xferlog'
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): setting group ID: 111
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at auth.c:458
2017-06-25 23:21:19,716 proftpd01 ([98.210.182.246]): USER PRIVS 9366 at auth.c:159
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): retrieved UID 9366 for user 'jmalena'
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at auth.c:164
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): Preparing to chroot to directory '/ftp/jmalena/incoming'
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): ROOT PRIVS at auth.c:1472
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): RELINQUISH PRIVS at auth.c:1475
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): Environment successfully chroot()ed
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): ROOT PRIVS at auth.c:490
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): SETUP PRIVS at auth.c:491
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): ROOT PRIVS at auth.c:502
2017-06-25 23:21:19,717 proftpd01 ([98.210.182.246]): REVOKE PRIVS at auth.c:503
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): changed directory to '/'
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): in dir_check_full(): path = '/', fullpath = '/ftp/jmalena/incoming/'.
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): in dir_check_full(): setting umask to 0003 (was 0003)
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): USER jmalena: Login successful
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): ProFTPD terminating (signal 11)
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): ProFTPD terminating (signal 11)
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): mod_sftp/0.9.9: scrubbing 2 passphrases from memory
2017-06-25 23:21:19,718 proftpd01 ([98.210.182.246]): SSH2 session closed.

Thanks for the help.
jamdev
4
Hi Castaglia,

Thanks for the question. Since I'm sure is probably something with my setup, or how I have gone ahead and built the RPMs, let me provide full disclosure of my procedure and hopefully you can enlightment me as to the error in my way. Below is a set of instructions for building the RPMs for ProFTPD from source with the Fedora build spec file. This may be where I have gone wrong, but here is the full scoop.

Build machine is CentOS 6.8

yum groupinstall "Development tools"
yum install pam-devel ncurses-devel libacl-devel libcap-devel openldap-devel mysql-devel postgresql-devel perl-generators ncurses-devel GeoIP-devel pcre-devel check-devel 'perl(Crypt::Cracklib)'
git clone https://src.fedoraproject.org/git/rpms/proftpd.git
cp -rv proftpd/* /root/rpmbuild/SOURCES/.
cd rpmbuild/SOURCES/
wget http://pkgs.fedoraproject.org/repo/pkgs/proftpd/proftpd-1.3.5e.tar.gz/sha512/54a9700af803297697e4b7f2d7dc82139785f9f2cbeb40b226f94ff3e8690f2e3672aa80373005dfec4b53f3dd9ca7b0a658ea39bda63e71292c810ba994eac7/proftpd-1.3.5e.tar.gz
wget http://pkgs.fedoraproject.org/repo/pkgs/proftpd/Test-Unit-0.14.tar.gz/sha512/a51a0f4431adbef828a3ef5f6cf2f0505e436b51c9c8a31e51d9f0f01736c9c09030a6e5938dc48f63f4bf791d0a5dea1cea1c309aa63480b607bff6b09e72db/Test-Unit-0.14.tar.gz
wget http://pkgs.fedoraproject.org/repo/pkgs/proftpd/v0.9.4.tar.gz/af6af66bbd41fa24dfba2f461781d847/v0.9.4.tar.gz
rpmbuild -ba /root/Git/proftpd/proftpd.spec

If you want to included ClamAV as part of this, you must do the following:

1. Extract the proftpd files from the proftpd package: proftpd-1.3.5e.tar.gz
2. Clone the below code base
git clone https://github.com/jbenden/mod_clamav.git
3. Copy the mod_clamav files to the contrib directory
cp -rv mod_clamav/mod_clamav.* proftpd-1.3.5e/contrib/.
4. Repackage the folder:
tar -cf proftpd-1.3.5e.tar proftpd-1.3.5e/
gzip proftpd-1.3.5e.tar
5. Depending on where you have the proftpd-1.3.5e.tar.gz file, it needs to be moved or copied to rpmbuild/SOURCES directory
6. Modify the proftpd.spec file under rpmbuild/SOURCES and add the following to the next lines:
This line:
SMOD1=mod_sql:mod_sql_passwd:mod_sql_mysql:mod_sql_postgres
Should be like this:
SMOD1=mod_sql:mod_sql_passwd:mod_sql_mysql:mod_sql_postgres:mod_clamav

7. Add
%{_libexecdir}/proftpd/mod_clamav.so
In the libexecdir section

8. Save the file

9. Run rpmbuild:
rpmbuild -ba /root/Git/proftpd/proftpd.spec

Below is the output of the proftpd-vhost.log file on a failed login:
Code: [Select]
2017-06-25 23:03:49,910 proftpd01 proftpd[14019] proftpd01 (c-98-210-182-246.hsd1.ca.comcast.net[98.210.182.246]): SSH2 session opened.
2017-06-25 23:03:54,221 proftpd01 proftpd[14019] proftpd01 (c-98-210-182-246.hsd1.ca.comcast.net[98.210.182.246]): USER jmalena: Login successful
2017-06-25 23:03:54,224 proftpd01 proftpd[14019] proftpd01 (c-98-210-182-246.hsd1.ca.comcast.net[98.210.182.246]): ProFTPD terminating (signal 11)
2017-06-25 23:03:54,224 proftpd01 proftpd[14019] proftpd01 (c-98-210-182-246.hsd1.ca.comcast.net[98.210.182.246]): SSH2 session closed.

Below is the output of the sftp.log file on a failed login:
Code: [Select]
2017-06-25 23:03:49,914 mod_sftp/0.9.9[14019]: sent server version 'SSH-2.0-FTP Server Ready'
2017-06-25 23:03:49,914 mod_sftp/0.9.9[14019]: received client version 'SSH-2.0-OpenSSH_7.5'
2017-06-25 23:03:49,914 mod_sftp/0.9.9[14019]: handling connection from SSH2 client 'OpenSSH_7.5'
2017-06-25 23:03:49,927 mod_sftp/0.9.9[14019]:  + Session key exchange: ecdh-sha2-nistp256
2017-06-25 23:03:49,927 mod_sftp/0.9.9[14019]:  + Session server hostkey: ssh-rsa
2017-06-25 23:03:49,927 mod_sftp/0.9.9[14019]:  + Session client-to-server encryption: aes128-ctr
2017-06-25 23:03:49,927 mod_sftp/0.9.9[14019]:  + Session server-to-client encryption: aes128-ctr
2017-06-25 23:03:49,927 mod_sftp/0.9.9[14019]:  + Session client-to-server MAC: umac-64@openssh.com
2017-06-25 23:03:49,928 mod_sftp/0.9.9[14019]:  + Session server-to-client MAC: umac-64@openssh.com
2017-06-25 23:03:49,928 mod_sftp/0.9.9[14019]:  + Session client-to-server compression: none
2017-06-25 23:03:49,928 mod_sftp/0.9.9[14019]:  + Session server-to-client compression: none
2017-06-25 23:03:50,059 mod_sftp/0.9.9[14019]: sending acceptable userauth methods: publickey,keyboard-interactive,password
2017-06-25 23:03:50,072 mod_sftp/0.9.9[14019]: public key MD5 fingerprint: f2:54:fa:9f:e9:e4:07:01:8d:d7:10:fe:8e:5b:2a:d7
2017-06-25 23:03:50,072 mod_sftp/0.9.9[14019]: sending publickey OK
2017-06-25 23:03:50,088 mod_sftp/0.9.9[14019]: public key MD5 fingerprint: f2:54:fa:9f:e9:e4:07:01:8d:d7:10:fe:8e:5b:2a:d7
2017-06-25 23:03:50,106 mod_sftp/0.9.9[14019]: sending userauth failure; remaining userauth methods: publickey,keyboard-interactive,password
2017-06-25 23:03:54,223 mod_sftp/0.9.9[14019]: sending userauth success
2017-06-25 23:03:54,223 mod_sftp/0.9.9[14019]: user 'jmalena' authenticated via 'keyboard-interactive' method

Below is the output of the wrap.log file on a failed login:
Code: [Select]
2017-06-25 23:03:50,070 mod_wrap2/2.0.6[14019]: matched WrapUserTables expression for user 'jmalena'
2017-06-25 23:03:50,070 mod_wrap2/2.0.6[14019]: using 'file:/etc/proftpd/conf.d/useracls/%U.allow' for allow table
2017-06-25 23:03:50,070 mod_wrap2/2.0.6[14019]: using 'file:/etc/proftpd/conf.d/hosts.deny' for deny table
2017-06-25 23:03:50,070 mod_wrap2/2.0.6[14019]: looking under service name 'proftpd'
2017-06-25 23:03:50,070 mod_wrap2/2.0.6[14019]: checking access rules for connection
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]: resolved %U: path now '/etc/proftpd/conf.d/useracls/jmalena.allow'
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]: checking allow table rules
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]: table daemon list:
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]: table client list:
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]:   jmalena@50.204.87.134
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]:   jmalena@209.203.107.230
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]:   jmalena@98.210.182.246
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]: daemon matches 'proftpd'
2017-06-25 23:03:50,071 mod_wrap2/2.0.6[14019]: client matches 'jmalena@98.210.182.246'
2017-06-25 23:03:50,072 mod_wrap2/2.0.6[14019]: allowed connection from jmalena@c-98-210-182-246.hsd1.ca.comcast.net
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: matched WrapUserTables expression for user 'jmalena'
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: using 'file:/etc/proftpd/conf.d/useracls/%U.allow' for allow table
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: using 'file:/etc/proftpd/conf.d/hosts.deny' for deny table
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: looking under service name 'proftpd'
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: checking access rules for connection
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: resolved %U: path now '/etc/proftpd/conf.d/useracls/jmalena.allow'
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: checking allow table rules
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: table daemon list:
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]: table client list:
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]:   jmalena@50.204.87.134
2017-06-25 23:03:50,087 mod_wrap2/2.0.6[14019]:   jmalena@209.203.107.230
2017-06-25 23:03:50,088 mod_wrap2/2.0.6[14019]:   jmalena@98.210.182.246
2017-06-25 23:03:50,088 mod_wrap2/2.0.6[14019]: daemon matches 'proftpd'
2017-06-25 23:03:50,088 mod_wrap2/2.0.6[14019]: client matches 'jmalena@98.210.182.246'
2017-06-25 23:03:50,088 mod_wrap2/2.0.6[14019]: allowed connection from jmalena@c-98-210-182-246.hsd1.ca.comcast.net
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: matched WrapUserTables expression for user 'jmalena'
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: using 'file:/etc/proftpd/conf.d/useracls/%U.allow' for allow table
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: using 'file:/etc/proftpd/conf.d/hosts.deny' for deny table
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: looking under service name 'proftpd'
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: checking access rules for connection
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: resolved %U: path now '/etc/proftpd/conf.d/useracls/jmalena.allow'
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: checking allow table rules
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: table daemon list:
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]:   proftpd
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: table client list:
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]:   jmalena@50.204.87.134
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]:   jmalena@209.203.107.230
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]:   jmalena@98.210.182.246
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: daemon matches 'proftpd'
2017-06-25 23:03:50,118 mod_wrap2/2.0.6[14019]: client matches 'jmalena@98.210.182.246'
2017-06-25 23:03:50,119 mod_wrap2/2.0.6[14019]: allowed connection from jmalena@c-98-210-182-246.hsd1.ca.comcast.net

I'm sure there is something in my instructions that is causing this so hopefully you can point it out.

Thanks,
jamdev
5
When you *did* have the mod_wrap2 module enabled for SFTP connections, what did the WrapLog show, for the failing logins?  What sort of information would I use, locally, for my mod_wrap2 configuration, to recreate what you had for your users (in terms of allow/deny rules for users)?
6
Hi Castaglia,

Here is the output of 'proftpd -V':
Code: [Select]
[root@proftpd01 ~]# proftpd -V
Compile-time Settings:
  Version: 1.3.5e (maint)
  Platform: LINUX [Linux 2.6.32-642.1.1.el6.x86_64 x86_64]
  Built: Wed May 17 2017 07:04:44 PDT
  Built With:
    configure  '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--libexecdir=/usr/libexec/proftpd' '--localstatedir=/var/run/proftpd' '--disable-strip' '--enable-ctrls' '--enable-dso' '--enable-facl' '--enable-ipv6' '--enable-nls' '--enable-openssl' '--enable-pcre' '--enable-shadow' '--enable-tests' '--with-libraries=/usr/lib64/mysql' '--with-includes=/usr/include/mysql' '--with-modules=mod_readme:mod_auth_pam:mod_tls' '--with-shared=mod_sql:mod_sql_passwd:mod_sql_mysql:mod_sql_postgres:mod_clamav:mod_quotatab:mod_quotatab_file:mod_quotatab_ldap:mod_quotatab_radius:mod_quotatab_sql:mod_ldap:mod_ban:mod_wrap:mod_ctrls_admin:mod_facl:mod_load:mod_vroot:mod_radius:mod_ratio:mod_rewrite:mod_site_misc:mod_exec:mod_shaper:mod_geoip:mod_wrap2:mod_wrap2_file:mod_wrap2_sql:mod_copy:mod_deflate:mod_ifversion:mod_qos:mod_sftp:mod_sftp_pam:mod_sftp_sql:mod_tls_shmcache:mod_ifsession' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CXXFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

  CFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wall
  LDFLAGS: -L$(top_srcdir)/lib  -L/usr/lib64/mysql -L/usr/lib64/mysql -L/usr/lib64
  LIBS: -lacl  -lpcreposix -lpcre -lssl -lcrypto -lssl -lcrypto -lcap  -lssl -lcrypto  -lpam -lsupp -lcrypt -ldl

  Files:
    Configuration File:
      /etc/proftpd.conf
    Pid File:
      /var/run/proftpd/proftpd.pid
    Scoreboard File:
      /var/run/proftpd/proftpd.scoreboard
    Header Directory:
      /usr/include/proftpd
    Shared Module Directory:
      /usr/libexec/proftpd

  Features:
    - Autoshadow support
    + Controls support
    + curses support
    - Developer support
    + DSO support
    + IPv6 support
    + Largefile support
    - Lastlog support
    - Memcache support
    + ncursesw support
    + NLS support
    + OpenSSL support (FIPS enabled)
    + PCRE support
    + POSIX ACL support
    + Shadow file support
    + Sendfile support
    + Trace support

  Tunable Options:
    PR_TUNABLE_BUFFER_SIZE = 1024
    PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192
    PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192
    PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000
    PR_TUNABLE_GLOBBING_MAX_RECURSION = 8
    PR_TUNABLE_HASH_TABLE_SIZE = 40
    PR_TUNABLE_NEW_POOL_SIZE = 512
    PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80
    PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30
    PR_TUNABLE_SELECT_TIMEOUT = 30
    PR_TUNABLE_TIMEOUTIDENT = 10
    PR_TUNABLE_TIMEOUTIDLE = 600
    PR_TUNABLE_TIMEOUTLINGER = 30
    PR_TUNABLE_TIMEOUTLOGIN = 300
    PR_TUNABLE_TIMEOUTNOXFER = 300
    PR_TUNABLE_TIMEOUTSTALLED = 3600
    PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10
Let me know if you need anything else and I thank you for your help.
7
So that I can attempt to reproduce this behavior locally...what does `proftpd -V` show?
8
Hi Castaglia,

My sincere apologies for not responding to your request. Had other priorities to finish.

Increasing the amount of MaxLoginAttempts does not work. From what I can tell though it seems the issue is with wrap2 module. When I remove the functionality from the configuration and reload I can log in with password or key. Can the module be corrupted during the building from source, or could it be a bug?
Code: [Select]
DefaultServer off
AuthPAMConfig proftpd
AuthOrder mod_auth_pam.c* mod_auth_unix.c
IdentLookups off
UseReverseDNS on
User ftp
Group ftp
MaxInstances 150
MaxClientsPerUser 8
UseSendfile off
UseIPv6 off
LogFormat default "%h %l %u %t \"%r\" %s %b"
ExtendedLog /var/log/secure AUTH auth
LogFormat auth "%v %t "%r" [%h] %s"
SystemLog /var/log/proftpd/proftpd.log
Port 0
TimeoutIdle 900
TimeoutNoTransfer 900
AllowOverwrite on
PassivePorts 60000 65534
TimesGMT Off
SetEnv TZ :/etc/localtime
LoadModule mod_ctrls_admin.c
LoadModule mod_sftp.c
LoadModule mod_sftp_pam.c
LoadModule mod_site_misc.c
#LoadModule mod_wrap2.c
#LoadModule mod_wrap2_file.c
#LoadModule mod_wrap2_sql.c
LoadModule mod_vroot.c
<Limit SITE_CHMOD>
  AllowAll
</Limit>
<Global>
  ServerIdent On "FTP Server Ready"
  Umask 0003
  AllowOverwrite yes
  <Limit ALL SITE_CHMOD>
    AllowAll
  </Limit>
SiteMiscEngine on
</Global>
  <IfModule mod_ctrls_admin.c>
     AdminControlsEngine off
  </IfModule>
  <IfModule mod_vroot.c>
        VRootEngine on
        DefaultRoot ~ !adm
        VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf
  </IfModule>
  <IfModule mod_sftp.c>
    <VirtualHost 172.21.53.21>
      MaxClientsPerUser 8
      DefaultRoot  ~
      Umask 0003
      SyslogLevel info
      ServerLog /var/log/proftpd/proftpd-vhost.log
      <Limit ALL SITE_CHMOD>
        AllowAll
      </Limit>
      SFTPEngine on
      SFTPOptions IgnoreSFTPUploadPerms
      SFTPLog /var/log/proftpd/sftp.log
      Port 2222
      SFTPHostKey /etc/ssh/ssh_host_rsa_key
      SFTPHostKey /etc/ssh/ssh_host_dsa_key
      SFTPAuthorizedUserKeys file:/etc/proftpd/conf.d/auth_keys/%u_auth_keys
      SFTPCompression delayed
      MaxLoginAttempts 3
      SFTPClientMatch ".*J2SSH_Maverick.*" channelWindowSize 32MB
      SFTPClientMatch .* sftpProtocolVersion 3 channelWindowSize 1GB
#      WrapEngine on
#      WrapUserTables * file:/etc/proftpd/conf.d/useracls/%U.allow file:/etc/proftpd/conf.d/hosts.deny
#      WrapLog    /var/log/proftpd/wrap.log
    </VirtualHost>
  </IfModule>
</IfDefine>
9
We have another client with the same ssh client (Maverick 1.4.5)
that seems to have the same pattern of problem on our old prodftd in production too

here is the end of it's connection :

Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet len = 28 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet padding len = 4 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet payload len = 23 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet MAC len = 20 bytes
Jun 23 10:49:26 [29321] <timer:7>: reset timer ID 2 ('TimeoutIdle', for module '[none]')
Jun 23 10:49:26 [29321] <ssh2:3>: received SSH_MSG_CHANNEL_DATA (94) packet
Jun 23 10:49:26 [29321] <sftp:9>: reading SFTP data from SSH2 packet buffer (14 bytes)
Jun 23 10:49:26 [29321] <sftp:6>: received REALPATH (16) SFTP request (request ID 8, channel ID 0)
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <sftp:7>: received request: REALPATH /
Jun 23 10:49:26 [29321] <encode:5>: decoded 'REALPATH' into 'REALPATH'
Jun 23 10:49:26 [29321] <encode:5>: decoded '/' into '/'
Jun 23 10:49:26 [29321] <command:7>: dispatching PRE_CMD command 'REALPATH /' to mod_tls.c
Jun 23 10:49:26 [29321] <command:7>: dispatching PRE_CMD command 'REALPATH /' to mod_core.c
Jun 23 10:49:26 [29321] <command:7>: dispatching PRE_CMD command 'REALPATH /' to mod_core.c
Jun 23 10:49:26 [29321] <fsio:8>: using system stat() for path '/'
Jun 23 10:49:26 [29321] <fsio:8>: using system stat() for path '/.ftpaccess'
Jun 23 10:49:26 [29321] <fsio:8>: using system lstat() for path '/'
Jun 23 10:49:26 [29321] <sftp:8>: sending response: NAME 1 / type=dir;size=4096;UNIX.owner=6552;UNIX.group=2182;UNIX.mode=0755;access=20170203233017;modify=20170607220016;
Jun 23 10:49:26 [29321] <auth:8>: using name 'CLIENT' from uidcache for UID 6552
Jun 23 10:49:26 [29321] <auth:8>: using name 'clients' from gidcache for GID 2182
Jun 23 10:49:26 [29321] <command:7>: dispatching LOG_CMD command 'REALPATH /' to mod_log.c
Jun 23 10:49:26 [29321] <ssh2:9>: sending CHANNEL_DATA (remote channel ID 0, 73 data bytes)
Jun 23 10:49:26 [29321] <ssh2:20>: sending random SSH2_MSG_IGNORE message (113 bytes) based on 'rogaway' TAP policy
Jun 23 10:49:26 [29321] <ssh2:3>: sent SSH_MSG_IGNORE (2) packet
Jun 23 10:49:26 [29321] <ssh2:3>: sent SSH_MSG_CHANNEL_DATA (94) packet
Jun 23 10:49:26 [29321] <ssh2:11>: channel ID 0 remote window size currently at 102287 bytes
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet len = 44 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet padding len = 16 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet payload len = 27 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet MAC len = 20 bytes
Jun 23 10:49:26 [29321] <timer:7>: reset timer ID 2 ('TimeoutIdle', for module '[none]')
Jun 23 10:49:26 [29321] <ssh2:3>: received SSH_MSG_CHANNEL_DATA (94) packet
Jun 23 10:49:26 [29321] <sftp:9>: reading SFTP data from SSH2 packet buffer (18 bytes)
Jun 23 10:49:26 [29321] <sftp:6>: received STAT (17) SFTP request (request ID 9, channel ID 0)
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <sftp:7>: received request: STAT / size;UNIX.owner;UNIX.group;UNIX.mode;access;modify
Jun 23 10:49:26 [29321] <encode:5>: decoded 'STAT' into 'STAT'
Jun 23 10:49:26 [29321] <encode:5>: decoded '/' into '/'
Jun 23 10:49:26 [29321] <command:7>: dispatching PRE_CMD command 'STAT /' to mod_tls.c
Jun 23 10:49:26 [29321] <command:7>: dispatching PRE_CMD command 'STAT /' to mod_core.c
Jun 23 10:49:26 [29321] <command:7>: dispatching PRE_CMD command 'STAT /' to mod_core.c
Jun 23 10:49:26 [29321] <fsio:8>: using system stat() for path '/'
Jun 23 10:49:26 [29321] <fsio:8>: using system stat() for path '/.ftpaccess'
Jun 23 10:49:26 [29321] <fsio:8>: using system stat() for path '/'
Jun 23 10:49:26 [29321] <sftp:8>: sending response: ATTRS type=dir;size=4096;UNIX.owner=6552;UNIX.group=2182;UNIX.mode=0755;access=20170203233017;modify=20170607220016;
Jun 23 10:49:26 [29321] <auth:8>: using name 'CLIENT' from uidcache for UID 6552
Jun 23 10:49:26 [29321] <auth:8>: using name 'clients' from gidcache for GID 2182
Jun 23 10:49:26 [29321] <command:7>: dispatching LOG_CMD command 'STAT /' to mod_log.c
Jun 23 10:49:26 [29321] <ssh2:9>: sending CHANNEL_DATA (remote channel ID 0, 64 data bytes)
Jun 23 10:49:26 [29321] <ssh2:20>: sending random SSH2_MSG_IGNORE message (87 bytes) based on 'rogaway' TAP policy
Jun 23 10:49:26 [29321] <ssh2:3>: sent SSH_MSG_IGNORE (2) packet
Jun 23 10:49:26 [29321] <ssh2:3>: sent SSH_MSG_CHANNEL_DATA (94) packet
Jun 23 10:49:26 [29321] <ssh2:11>: channel ID 0 remote window size currently at 102223 bytes
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet len = 60 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet padding len = 9 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet payload len = 50 bytes
Jun 23 10:49:26 [29321] <ssh2:20>: SSH2 packet MAC len = 20 bytes
Jun 23 10:49:26 [29321] <timer:7>: reset timer ID 2 ('TimeoutIdle', for module '[none]')
Jun 23 10:49:26 [29321] <ssh2:3>: received SSH_MSG_DISCONNECT (1) packet
Jun 23 10:49:26 [29321] <lock:9>: attempting to write-lock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: write-lock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <lock:9>: attempting to unlock scoreboard fd 10 entry, offset 32
Jun 23 10:49:26 [29321] <lock:9>: unlock of scoreboard fd 10 entry, offset 32 succeeded
Jun 23 10:49:26 [29321] <event:8>: dispatching event 'core.exit' to core (at 0x4199c0)
Jun 23 10:49:26 [29321] <event:8>: dispatching event 'core.exit' to mod_sftp (at 0x2b06ec7009f0)
Jun 23 10:49:26 [29321] <ssh2:15>: destroying unclosed channel ID 0 (0 bytes pending)
Jun 23 10:49:26 [29321] <event:8>: dispatching event 'core.exit' to mod_auth (at 0x459ff0)
Jun 23 10:49:26 [29321] <event:8>: dispatching event 'core.exit' to mod_auth_unix (at 0x4536d0)
Jun 23 10:49:26 [29321] <auth:6>: dispatching auth request "endpwent" to module mod_auth_file
Jun 23 10:49:26 [29321] <auth:6>: dispatching auth request "endpwent" to module mod_auth_unix
Jun 23 10:49:26 [29321] <auth:5>: emptying authcache
Jun 23 10:49:26 [29321] <auth:6>: dispatching auth request "endgrent" to module mod_auth_file
Jun 23 10:49:26 [29321] <auth:6>: dispatching auth request "endgrent" to module mod_auth_unix
Jun 23 10:49:26 [29321] <event:8>: dispatching event 'core.exit' to mod_xfer (at 0x44dcd0)

Jun 23 10:49:26 mod_sftp/0.9.7[29321]: using '/app/ftpusr/ftp/ssh/ssh_host_dsa_key' as DSA hostkey
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: using '/app/ftpusr/ftp/ssh/ssh_host_rsa_key' as RSA hostkey
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: received client version 'SSH-2.0-http://J2SSH_Maverick_1.4.5__Axway'
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: handling connection from SSH2 client 'http://J2SSH_Maverick_1.4.5__Axway'
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session key exchange: diffie-hellman-group1-sha1
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session server hostkey: ssh-rsa
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session client-to-server encryption: aes128-cbc
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session server-to-client encryption: aes128-cbc
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session client-to-server MAC: hmac-sha1
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session server-to-client MAC: hmac-sha1
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session client-to-server compression: none
Jun 23 10:49:26 mod_sftp/0.9.7[29321]:  + Session server-to-client compression: none
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: sending acceptable userauth methods: publickey
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: public key fingerprint: 1b:82:ea:68:5d:90:74:5e:94:07:01:5b:86:be:0c:ab
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: sending userauth success
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: user 'CLIENT' authenticated via 'publickey' method
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: 'subsystem' channel request for 'sftp' subsystem
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: using SFTP protocol version 4 for this session (channel ID 0)
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: empty path given in REALPATH request, using '/'
Jun 23 10:49:26 mod_sftp/0.9.7[29321]: client sent SSH_DISCONNECT message: The user disconnected the application (Application error)
10
mod_tls / Re: Cannot get OCSP stapling to work
« Last post by castaglia on June 22, 2017, 05:30:21 pm »
I think you may have more data/skin in the FileZilla game there; if you'd like to follow up with them (and reference this post), that'd work for me.  Thanks!
Pages: [1] 2 3 ... 10