I am setting up an server with vsftpd to let virtual users access their space. Now it is fully working but only with CRYPT passwords. So
sudo htpasswd -c /etc/vsftpd/ftpd.passwd phpmyadmin
will not allow me to log in, but
sudo htpasswd -c -d /etc/vsftpd/ftpd.passwd phpmyadmin
will.
/etc/vsftpd.conf
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/vhosts/$USER.universe.local
chroot_local_user=YES
hide_ids=YES
guest_username=vsftpd
/etc/pam.d/vsftpd
auth required pam_pwdfile.so pwdfile /etc/vsftpd/ftpd.passwd crypt=2
account required pam_permit.so crypt=2
I installed apache2.4.3 from source as well as PHP.
Things I've tried:
- Google a lot
- Set crypt=2
- ask friends
- use SHA (doesn't work either)
- update htpasswd and vsftpd
I have been struggeling with this for a week now, I hope u guys can help me further
htpasswdgenerates MD5 hashes in the Apache format, which you can verify by seeing that they start with$apr1$, but PAM only supports formats that your platform's implementation ofcrypt(3)implements. For Glibc, the equivalent (MD5-based) would be$1$. You just need to generate the passwords with a different tool. Here's an example:You can copy this hash into your
ftpd.passwdfile in theusername:hashformat, and it should work.Expanding on @bonsaiviking's answer you can generate the openssl md5 password and add it to the ftpd.passwd file in one line using htpasswd's batch mode -b, and plaintext -p options as follows:
The example above (Ubuntu) also creates a new ftpd.passwd file if it doesn't exist using -c
The two commands that you show are equivalent because the
-doption tells htpasswd to use crypt which is the default for most operating systems.If you want passwords hashed with md5 then you should use
-mWhich shows that test's password has been encrypted using md5.