Ricardo, I followed the advice you offered back-channel and backed off the galaxy changes to support pbkdf2. I can now authenticate via the latest stable release of ProFTPD. Thanks! Malcolm On Thursday 20 June 2013 10:54:44 Perez, Ricardo wrote:
I am sorry, i posted the wrong configuration file above. I am posting now the updated proftpd.conf , the differences is that some things are commented out and others are not.
# This is a basic ProFTPD configuration file (rename it to # 'proftpd.conf' for actual use. It establishes a single server # and a single anonymous login. It assumes that you have a user/group # "nobody" and "ftp" for normal operation and anon.
ServerName "Genomics01 ProFTPd" ServerType standalone DefaultServer on DeferWelcome off UseIPv6 on IdentLookups off MultilineRFC2228 on ShowSymlinks on
ModulePath /usr/local/galaxy/downloads/proftpd-1.3.5rc3/modules/
LoadModule mod_sql.c LoadModule mod_sql_postgres.c LoadModule mod_sql_passwd.c
<IfModule mod_sql.c> SQLBackend postgres SQLEngine on SQLAuthenticate users SQLAuthTypes SHA1 SHA256 pbkdf2 SQLPasswordPBKDF2 SHA256 1000 24 #SQLPasswordSaltFile /path/to/file SQLConnectInfo galaxydb@localhost:5432 ftpuser mypassword SQLUserInfo custom:/LookupGalaxyUser #SQLNamedQuery LookupGalaxyUser SELECT "email,password,'galaxy','galaxy','/usr/local/galaxy/galaxy-dist/database/ftp/%U','/bin/bash' FROM galaxy_user WHERE email='%U'"
SQLPasswordUserSalt sql:/GetUserSalt
SQLNamedQuery LookupGalaxyUser SELECT "email, (CASE WHEN substring(password from 1 for 6) = 'PBDKF2' THEN substring(password from 38 for 69) ELSE password END) AS password2,'galaxy','galaxy','/usr/local/galaxy/galaxy-dist/database/ftp/%U','/bin/bash' FROM galaxy_user WHERE email='%U'"
SQLNamedQuery GetUserSalt SELECT "(CASE WHEN SUBSTRING (password from 1 for 6) = 'PBDKF2' THEN SUBSTRING (password from 21 for 36) END) AS salt FROM galaxy_user WHERE email='%U'"
</IfModule>
SQLDefaultGID 1002 SQLDefaultUID 1002
TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200
DisplayLogin welcome.msg DisplayChdir .message true ListOptions "-l"
DenyFilter \*.*/
# Use this to jail all users in their homes DefaultRoot ~ CreateHome on dirmode 700 AllowOverwrite on AllowStoreRestart on SQLPasswordEngine on SQLPasswordEncoding hex PassivePorts 30000 40000
# Port 21 is the standard FTP port. Port 21
# Don't use IPv6 support by default. # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 077
# To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances 30
# Set the user and group under which the server will run. User galaxy Group galaxy
# To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. #DefaultRoot ~
# Normally, we want files to be overwriteable. AllowOverwrite on
AuthOrder mod_sql.c
# Bar use of SITE CHMOD by default #<Limit SITE_CHMOD> # DenyAll #</Limit> Include /etc/proftpd/conf.d/ ___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
-- Malcolm Tobias 314.362.1594