First off, credit for this fix on OS X 10.6.2 goes to Geoff Watts from his two tweets.

If you're using Snow Leopard, you'll find that the current version of MacFusion refuses to complete a connection to a remote server. You can fix this in two steps:

First, quit MacFusion.

Second, open System Preferences and then open the MacFUSE pane. Check the "Show Beta Versions" box and click "Check For Updates". Go ahead and update MacFUSE.

Third, open up a terminal and do the following:

rm /Applications/Macfusion.app/Contents/PlugIns/sshfs.mfplugin/Contents/Resources/sshnodelay.so

Your MacFusion installation should now be working on Snow Leopard. I've tested SSH and FTP connectivity so far, and they both appear to be working. Thanks again to Geoff for the fix!

Fix MacFusion on Snow Leopard is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

First, you'll need to make a new self-signed SSL certificate (if you don't have a key and certificate available already):

openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout server.key -out server.crt

Once you have the key and certificate made, you'll need to concatenate them into a PEM file:

# cat server.key > /etc/vsftpd/server.pem
# cat server.crt >> /etc/vsftpd/server.pem

Now, simply adjust the vsftpd configuration file to enable SSL encryption:

ssl_enable=YES
force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=YES
rsa_cert_file=/etc/vsftpd/server.pem

Once that's complete, restart vsftpd and you will be able to connect to your FTP server using SSL/TLS encryption.

Further Reading:
Manpage of vsftpd.conf

Adding SSL encryption to vsftpd is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

500 OOPS: cannot change directory:/home/someuser
500 OOPS: child died

You can search for a solution in this order:

Home Directory
Does the user's home directory even exist? Check /etc/passwd for the current home directory for the user and see what's set:

# grep someuser /etc/passwd
someuser:x:10001:2524::/var/www/someuser:/bin/bash

In this case, does /var/www/someuser exist? If it doesn't, fix that and then move onto the next solution if you're still having problems.

File/Directory Permissions
Be sure that the user that you are logging in as actually has permissions to be in the directory. This affects users that have home directories of /var/www/html because the execute bit normally isn't set for the world on /var/www or /var/www/html. Make sure that the appropriate permissions and ownerships are set, and this should help eliminate the issue.

SELINUX
If SELINUX is rearing its ugly head on the server, this can be a problem. Check your current SELINUX status and disable it if necessary:

# setenforce
Enforcing
# setenforce 0

Try to login over FTP again and you should have a success. If you want to turn off SELINUX entirely, adjust /etc/sysconfig/selinux (RHEL4) or /etc/selinux/config (RHEL5).

500 OOPS error from vsftpd is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

ListOptions -a

Make sure to restart proftpd afterwards and re-connect to the FTP server to see the changes.

Show hidden dot files in proftpd is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

<IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/ftpd/tls.log
    TLSRequired off
    TLSRSACertificateFile /usr/share/ssl/certs/server.crt
    TLSRSACertificateKeyFile /usr/share/ssl/private/server.key
    TLSCACertificateFile /usr/share/ssl/certs/cacert.crt
    TLSVerifyClient off
    TLSRenegotiate required off
</IfModule>

To require SSL/TLS on all connections, change TLSRequired to on. Of course, replace the certificate, key, and CA certificate (if applicable) to the correct files on your system.

Once you're all done, close your FTP connection and make a new one. There is no need to restart xinetd.

Add SSL/TLS support to proftpd is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

• Create the user with the home directory as the root of what they can access
• Give the user a password
• Make their primary group psacln
• Add them to the psaserv group as well

# useradd username -d /var/www/html/website/slideshow/
# echo "password" | passwd username --stdin
Changing password for user username.
passwd: all authentication tokens updated successfully.
# usermod -g psacln username
# usermod -G psaserv username
# lftp username:password@localhost
lftp username@localhost:/> cd ..
lftp username@localhost:/>

Adding chrooted FTP users outside of Plesk is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

For example, if the server is on Central Time, all of the files will seem to be created 6 hours after they were really created. The filesystem will show something like 10AM, but the FTP client will say 4PM. Luckily, there is a fix!

Add the following to your /etc/proftpd.conf file and you should be good to go:

TimesGMT off
SetEnv TZ :/etc/localtime

ProFTPD shows incorrect GMT time with Plesk is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

<IfModule mod_tls.c>
TLSEngine on
TLSRequired off
TLSRSACertificateFile /etc/httpd/conf/ssl.crt/server.crt
TLSRSACertificateKeyFile /etc/httpd/conf/ssl.key/server.key
TLSVerifyClient off
</IfModule>

Enabling SSL in ProFTPD is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.

For vsftpd, change the umask for files created by FTP users. Open the vsftpd.conf file and edit the following:

     local_umask = 077     <-- old
     local_umask = 022     <-- new

For proftpd, change the umask for files created by FTP users. Open the proftpd.conf file and edit the following:

     Umask 022

This makes sure that new files are chmodded as 775 (full read/write for users/group, but only read for everyone else).

Next, create a new group. We will call ours "sharedweb":

     groupadd sharedweb

Now, put the users into that group by adding them in /etc/group:

     sharedweb:*:##:ann,bill,carl

Modify the users so that their primary group is sharedweb. If you forget this step, when they make new FTP files, they will be owned by each user's primary group (sometimes named the same as the user on some systems) and the permissions will be completeld hosed.

     usermod -g ann sharedweb
     usermod -g bill sharedweb
     usermod -g carl sharedweb

Restart vsftpd to pick up the new configuration and your users should be able upload, delete, and edit each other's files.

Group Editing With FTP is a post from: Major Hayden's Racker Hacker blog.

Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.