This is a big fat "me too" for acejbird's post of February 8.
I'm using a fresh XAMPP 0.7.4 install on Mac OS X 10.5.6. I am unable to log into my FTP server using any combination of usernames and passwords that I can think of. When I ran "mampp security" for the very first time I got the "XAMPP: ProFTPD has a new FTP password. Great!" message even though I obviously had not set an FTP password. Whether or not I try to change the FTP password, there are no "UserPass" lines in etc/proftpd.conf.
At this point I don't even understand what the correct behavior is supposed to be, let alone how or why the configuration might be broken. I imagine it's too much to hope that it might be documented somewhere, right? :-)
In January 2007 Jens said that proftpd.conf should contain these lines (where XXXXXXX is an encrypted password):
- Code: Select all
RequireValidShell off
UserPass nobody XXXXXXXX
Is that correct and is it sufficient? Is there anything else with security implications that might be missing from my proftpd.conf file? I'm already getting probed by mysterious Russian IP addresses, so I certainly don't want to open a hole while trying to correct my login problem...
Thanks.