Sorry, I didn't see the recent changes...

2013/7/22 Rémy Dernat <>

1/ Do you know who is your (FTP) galaxy user ? The proftpd daemon should run whith this user (be carefull to permissions).
2/ Did you try a simpler way to authenticate to your postgresql server ?
I mean, you choose to add some parameter as "SQLPasswordPBKDF2" or "SQLPasswordUserSalt". You should know what kind of algorithm is used to encrypt password on your postgres server and then use it...
Follow this tutorial :

If it works, then add 'salt' method if you wish, or other algorithm/method to encrypt password...


2013/7/22 TerryYeh@NARL <>

Dear All,

        I am having a similar problem too. I followed the config setting provide by Mr. Perez and modified some possible error. I still cannot login my ftp server. Following is my proftpd.conf. Please help me to figure out the problem. Thanks a lot!!


# This is a basic ProFTPD configuration file (rename it to

# 'proftpd.conf' for actual use.  It establishes a single server

# and a single anonymous login.  It assumes that you have a user/group

# "nobody" and "ftp" for normal operation and anon.


ServerName                      "ProFTPD Default Installation"

ServerType                      standalone

DefaultServer                   on


# Port 21 is the standard FTP port

Port                            2121


# Don't use IPv6 support by default.

UseIPv6                         off


# Umask 022 is a good standard umask to prevent new dirs and files

# from being group and world writable.

Umask                           022


# To prevent DoS attacks, set the maximum number of child processes

# to 30.  If you need to allow more than 30 concurrent connections

# at once, simply increase this value.  Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd).

MaxInstances                    30


# Set the user and group under which the server will run.

User                    username

Group                   groupname



PassivePorts            40000 40999

# To cause every FTP user to be "jailed" (chrooted) into their home

# directory, uncomment this line.

#DefaultRoot ~


CreateHome              on dirmode 700


# Normally, we want files to be overwriteable.

AllowOverwrite          on


AllowStoreRestart       on



# Bar use of SITE CHMOD by default





<Limit RETR>





<IfModule mod_dso.c>

  LoadModule mod_sql.c

  LoadModule mod_sql_passwd.c

  LoadModule mod_sql_postgres.c



SQLLogFile /pkg/biology/galaxy/proftpd/log/proftpd-sql-local




ServerLog /pkg/biology/galaxy/proftpd/var/proftpd-server.log

SystemLog /pkg/biology/galaxy/proftpd/var/proftpd-system.log



#AuthPAMConfig ftp

#AuthOrder mod_auth_pam.c* mod_auth_unix.c



# Do not authenticate against real (system) users

AuthPAM                         off

#AuthOrder                       mod_sql.c



# Set up mod_sql_password - Galaxy passwords are stored as hex-encoded SHA1

SQLPasswordEngine               on

SQLPasswordEncoding             hex


# Set up mod_sql to authenticate against the Galaxy database

SQLEngine                       on

SQLBackend                      postgres

SQLConnectInfo                  galaxy@localhost username password

SQLAuthTypes                    SHA1 SHA256 pbkdf2

SQLPasswordPBKDF2               SHA256 10000 24


SQLAuthenticate                 users



# An empty directory in case chroot fails

#SQLDefaultHomedir               /var/opt/local/proftpd


# Define a custom query for lookup that returns a passwd-like entry.  UID and GID should match your Galaxy user.


SQLUserInfo                     custom:/LookupGalaxyUser

SQLPasswordUserSalt             sql:/GetUserSalt


#SQLNamedQuery                   LookupGalaxyUser  SELECT "email,password,'12345','1234','/home/username/galaxyftp/%U','/bin/bash' FROM galaxy_user WHERE email='%U'"

SQLNamedQuery    LookupGalaxyUser  SELECT "email, (CASE WHEN substring(password from 1 for 6) = 'PBKDF2' THEN substring(password from 38 for 32) ELSE password END) AS password,'12345','1234','/home/username/galaxyftp/%U','/bin/bash' FROM galaxy_user WHERE email='%U'"

SQLNamedQuery    GetUserSalt SELECT "(CASE WHEN SUBSTRING (password from 1 for 6) = 'PBKDF2' THEN SUBSTRING (password from 21 for 16) END) AS salt FROM galaxy_user WHERE email='%U'"




I still get the message of authentication failed.

2013-07-22 11:07:29,590 mod_sql/4.3[8124]: checking password using SQLAuthType 'sha1'

2013-07-22 11:07:29,590 mod_sql/4.3[8124]: 'sha1' SQLAuthType handler reports failure

2013-07-22 11:07:29,590 mod_sql/4.3[8124]: checking password using SQLAuthType 'sha256'

2013-07-22 11:07:29,590 mod_sql/4.3[8124]: 'sha256' SQLAuthType handler reports failure

2013-07-22 11:07:29,590 mod_sql/4.3[8124]: checking password using SQLAuthType 'pbkdf2'

2013-07-22 11:07:29,619 mod_sql/4.3[8124]: 'pbkdf2' SQLAuthType handler reports failure


Any suggestion on my configuration file, Thanks.

Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:

To search Galaxy mailing lists use the unified search at: