The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Proftpd Username Removed from passwd.vhosts.

Discussion in 'General Discussion' started by Madflojo, May 24, 2006.

  1. Madflojo

    Madflojo Registered

    Joined:
    Dec 20, 2005
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Lately on some of the cPanel boxes that i watch over I have noticed that the plain username has been removed from the passwd.vhosts suddenly. However username@domain.tld exists and works just like normal.

    Has there been any kind of "security" updates or changes to cPanel that is removing the regular username from the passwd.vhosts. Also /scripts/ftpupdate does not readd just the username like it used to. I've already checked everything that i can thiink of checking and right now I'm of the opinion that this is something that got changed?
     
  2. Madflojo

    Madflojo Registered

    Joined:
    Dec 20, 2005
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    update

    After copying the ftpupdate file in /usr/local/cpanel/bin from a cpanel 9 install to this cpanel 10 install that is experiencing the issue it seems that when i run ftpupdate it puts the username:encryptedpasswd entry back into the passwd.vhosts.

    So ya.... was a change made cus i havent been able to find anything on a change log referencing this?
     
  3. ninja_byte

    ninja_byte Member

    Joined:
    May 6, 2004
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    I've seen this as well.

    Summary:
    in the past, the proftpd password file(/etc/proftpd/passwd.vhosts) has two types of password entries
    1. main users ('bob5555')
    2. Additional FTP users ('webmaster@bob5555domain.com')

    At an unknown time, presumably during a cpanel update, all of the 'main users' were removed from the /etc/proftpd/passwd.vhosts file.

    Question:
    Is this *an error*?
    or
    Is this *a security policy change*?


    I for one wouldn't mind either one, I just wanna have an official answer, or confirmation that this issue exists amongst others using cpanel.
     
Loading...

Share This Page