![]() |
![]() |
If you have trouble connecting from WS_FTP Pro to a FreeBSD host, you probably need to tweak an SSH setting on the FreeBSD server. WS_FTP Pro has a strange bug or something that causes error messages like this to appear in /var/log/auth.log:
Oct 20 10:26:46 www sshd[53342]: fatal: mm_request_receive_expect: read: rtype 48 != type 46
In /etc/ssh/sshd_config find and change the following line:
# If you have this set to 'no', WS_FTP Pro has trouble connecting. #PasswordAuthentication no # Set it to 'yes' so that WS_FTP Pro can connect. PasswordAuthentication yes
This has been tested with FreeBSD 7.0-RELEASE only.
First, install denyhosts:
[consolibyte@www ~]$ cd [consolibyte@www ~]$ cd /usr/ports/security/denyhosts/ [consolibyte@www /usr/ports/security/denyhosts]$ sudo make install
Now, add this line to /etc/rc.conf to make denyhosts start on system boot:
denyhosts_enable="YES"
You'll want to create a hosts.deny file as well:
[consolibyte@www ~]$ sudo touch /etc/hosts.deny
Create an allowed-hosts file which is a list of IP addresses (one per line) that you never want to block (i.e. always allow these IP addresses):
[consolibyte@www ~]$ sudo edit /usr/local/share/denyhosts/data/allowed-hosts
You need to make several edits to your hosts.allow file:
*** THIS IS NOT A COMPLETE hosts.allow FILE, JUST MAKE THESE EDITS TO THE DEFAULT FILE *** # Comment out this line so you can block hosts #ALL : ALL : allow # Add these lines in the SSH section: sshd : /etc/hosts.deny : deny sshd : ALL : allow
Now, configure denyhosts by editing /usr/local/etc/denyhosts.conf. Make sure these are set like this:
*** THIS IS NOT A COMPLETE denyhosts.conf FILE, JUST MAKE THESE EDITS TO THE DEFAULT FILE *** # Mandrake, FreeBSD or OpenBSD: SECURE_LOG = /var/log/auth.log # Some BSD (FreeBSD) Unixes: #HOSTS_DENY = /etc/hosts.allow HOSTS_DENY = /etc/hosts.deny # To only record the offending host and nothing else (if using # an auxilary file to list the hosts). Refer to: # http://denyhosts.sourceforge.net/faq.html#aux BLOCK_SERVICE = # WORK_DIR: the path that DenyHosts will use for writing data to # (it will be created if it does not already exist). # # Note: it is recommended that you use an absolute pathname # for this value (eg. /home/foo/denyhosts/data) # WORK_DIR = /usr/local/share/denyhosts/data
Add these lines to your /etc/rc.conf file:
sendmail_enable="NO" sendmail_submit_enable="NO" sendmail_outbound_enable="NO" sendmail_msp_queue_enable="NO"
Your /etc/rc.conf file should be configured as follows:
hostname="www.example.com" ifconfig_bge1="inet 208.81.124.10 netmask 255.255.255.248" defaultrouter="208.81.124.9" ifconfig_bge1_alias0="inet 208.81.124.11 netmask 255.255.255.255 broadcast 208.81.124.11" ifconfig_bge1_alias1="inet 208.81.124.12 netmask 255.255.255.255 broadcast 208.81.124.12" ifconfig_bge1_alias2="inet 208.81.124.13 netmask 255.255.255.255 broadcast 208.81.124.13" ifconfig_bge1_alias3="inet 208.81.124.14 netmask 255.255.255.255 broadcast 208.81.124.14"
Getting the date/time:
$ date Mon Mar 23 15:14:48 EDT 2009
Setting the date/time (the parameter to date is in the format “yymmddhhmm”):
$ date 0903251525 Wed Mar 25 15:25:00 EDT 2009
As root, type “hostname <new hostname>”, and the hostname will be changed immediately. To make this change permanent across reboots, edit the file '/etc/rc.conf', and add the following line:
hostname="new.host.name"
The '/etc/rc.conf' file is described here:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-core-configuration.html