[Bug 1975567] Re: Proftpd 1.3.7c not working with openssl 3

Boris Tassou 1975567 at bugs.launchpad.net
Mon Jul 24 12:58:58 BST 2023 

** Description changed:

  [ Impact ]
  
  On ubuntu 22.04, the current version of Proftpd 1.3.7c+dfsg-1build1 with
  the module sftp doesn't work with openssl 3.0.
  
  [ Test Plan ]
  
  Install proftpd with sftp module on ubuntu 22.04 and create a virtual
  account.
+ 
+ Installation details :
+ apt install proftpd-basic
+ 
+ echo "
+ <IfModule mod_sftp.c>
+     <VirtualHost X.X.X.X>
+         # Configure the server to listen on port
+         Port 2222
+         SFTPEngine on
+         SFTPLog /var/log/proftpd/sftp.log
+         TransferLog /var/log/proftpd/transfer.log
+         # Configure both the RSA and DSA host keys, using the same host key
+         # files that OpenSSH uses.
+         SFTPHostKey /etc/proftpd/ssh_host_rsa_key
+         # Auth methods
+         SFTPAuthMethods    password
+         AuthUserFile       /etc/proftpd/ftpd.passwd
+         RequireValidShell off
+         # SFTP specific configuration
+         DefaultRoot ~
+         # Some ftp options
+         SFTPOptions IgnoreSFTPSetPerms IgnoreSFTPUploadPerms
+         Umask	002	002
+         AllowOverwrite    on
+ 
+     </VirtualHost>
+ </IfModule>" > /etc/proftpd/conf.d/sftpd.conf
+ 
+ 
+ echo "
+ # Use only AuthUserFiles when authenticating, and not the system's /etc/passwd
+ AuthOrder mod_auth_file.c
+ 
+ # Use virtual users file
+ AuthUserFile                    /etc/proftpd/ftpd.passwd" >> /etc/proftpd/proftpd.conf
+ 
+ Uncomment in /etc/proftpd/modules.conf :
+ # Install proftpd-mod-crypto to use this module for SFTP support.
+ LoadModule mod_sftp.c
+ LoadModule mod_sftp_pam.c
+ 
+ 
+ ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --uid=59999 --home=/home/user --shell=/bin/false --sha256 --name=sftp_test
+ 
+ cp /etc/ssh/ssh_host_rsa_key /etc/proftpd/ssh_host_rsa_key
+ cp /etc/ssh/ssh_host_rsa_key.pub /etc/proftpd/ssh_host_rsa_key.pub
+ 
+ systemctl restart proftpd
  
  [ Where problems could occur ]
  
  When you try to connect with sftp.
  The result of this issue is : you can't connect with sftp.
  
  [ Other Info ]
  
  You can see two issues with the same problem :
  
  https://github.com/proftpd/proftpd/issues/1448
  https://github.com/proftpd/proftpd/issues/1469
  
  The problem for sftp module is fixed in 1.3.7e version :
  1.3.7e
  --------------------------------
  - Issue 1448 - Ensure that mod_sftp algorithms work properly with OpenSSL 3.x.
  
  https://github.com/proftpd/proftpd/blob/1.3.7/NEWS
  
  This is the commit for the fix :
  https://github.com/proftpd/proftpd/commit/8aa39b27d8fd6ada556b51c4547a504956474078
  
  Thanks for the help.

-- 
You received this bug notification because you are a member of ProFTPD
Maintainance Team, which is subscribed to proftpd-dfsg in Ubuntu.
https://bugs.launchpad.net/bugs/1975567

Title:
  Proftpd 1.3.7c not working with openssl 3

Status in proftpd-dfsg package in Ubuntu:
  Fix Released
Status in proftpd-dfsg source package in Jammy:
  Confirmed

Bug description:
  [ Impact ]

  On ubuntu 22.04, the current version of Proftpd 1.3.7c+dfsg-1build1
  with the module sftp doesn't work with openssl 3.0.

  [ Test Plan ]

  Install proftpd with sftp module on ubuntu 22.04 and create a virtual
  account.

  Installation details :
  apt install proftpd-basic

  echo "
  <IfModule mod_sftp.c>
      <VirtualHost X.X.X.X>
          # Configure the server to listen on port
          Port 2222
          SFTPEngine on
          SFTPLog /var/log/proftpd/sftp.log
          TransferLog /var/log/proftpd/transfer.log
          # Configure both the RSA and DSA host keys, using the same host key
          # files that OpenSSH uses.
          SFTPHostKey /etc/proftpd/ssh_host_rsa_key
          # Auth methods
          SFTPAuthMethods    password
          AuthUserFile       /etc/proftpd/ftpd.passwd
          RequireValidShell off
          # SFTP specific configuration
          DefaultRoot ~
          # Some ftp options
          SFTPOptions IgnoreSFTPSetPerms IgnoreSFTPUploadPerms
          Umask	002	002
          AllowOverwrite    on

      </VirtualHost>
  </IfModule>" > /etc/proftpd/conf.d/sftpd.conf

  
  echo "
  # Use only AuthUserFiles when authenticating, and not the system's /etc/passwd
  AuthOrder mod_auth_file.c

  # Use virtual users file
  AuthUserFile                    /etc/proftpd/ftpd.passwd" >> /etc/proftpd/proftpd.conf

  Uncomment in /etc/proftpd/modules.conf :
  # Install proftpd-mod-crypto to use this module for SFTP support.
  LoadModule mod_sftp.c
  LoadModule mod_sftp_pam.c

  
  ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --uid=59999 --home=/home/user --shell=/bin/false --sha256 --name=sftp_test

  cp /etc/ssh/ssh_host_rsa_key /etc/proftpd/ssh_host_rsa_key
  cp /etc/ssh/ssh_host_rsa_key.pub /etc/proftpd/ssh_host_rsa_key.pub

  systemctl restart proftpd

  [ Where problems could occur ]

  When you try to connect with sftp.
  The result of this issue is : you can't connect with sftp.

  [ Other Info ]

  You can see two issues with the same problem :

  https://github.com/proftpd/proftpd/issues/1448
  https://github.com/proftpd/proftpd/issues/1469

  The problem for sftp module is fixed in 1.3.7e version :
  1.3.7e
  --------------------------------
  - Issue 1448 - Ensure that mod_sftp algorithms work properly with OpenSSL 3.x.

  https://github.com/proftpd/proftpd/blob/1.3.7/NEWS

  This is the commit for the fix :
  https://github.com/proftpd/proftpd/commit/8aa39b27d8fd6ada556b51c4547a504956474078

  Thanks for the help.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1975567/+subscriptions

More information about the Pkg-proftpd-maintainers mailing list