What should be done:
- Install Dante server and PAM library
- Edit Dante configuration file “/etc/danted.conf”
- Add PAM configuration file
- Create user accounts
- Start the server and check settings
- Troubleshoot
1. Install Dante server and PAM library
I wanted to restrict access to my SOCKS server but didn’t want to add local users and authenticate against them. Also IP based restriction was out of the question as our users IP is dynamic. A PAM (Pluggable Authentication Module) library would be ideal for that regard. To install, run the following command:
|
1
|
sudo apt–getinstall dante–server libpam–pwdfile
|
2. Edit Dante configuration file
Back up the original configuration file
|
1
|
sudo mv/etc/danted.conf/etc/danted.conf.bak
|
Open vim or your favorite text editor
|
1
|
sudo vim/etc/danted.conf
|
Copy and paste following lines. Its very simple configuration that allows every client with an account to access the server so you may want to edit this so it fits your needs.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
## general configuration
internal:eth0 port=443
external:eth0
method:pam
user.privileged:root
user.notprivileged:nobody
user.libwrap:nobody
logoutput:stderr
## client access rules
clientpass{from:0.0.0.0/0to:0.0.0.0/0}
## server operation access rules
# allow the rest
pass{
from:0.0.0.0/0to:0.0.0.0/0
method:pam
}
|
You can read more about Dante server configuration here.
3. Add PAM configuration file
When I installed Dante, it didn’t create any file in “/etc/pam.d” folder but if there is any, we need to make a back up.
|
1
|
sudo mv/etc/pam.d/sockd/etc/pam.d/sockd.bak
|
and create a new file
|
1
|
sudo vim/etc/pam.d/sockd
|
Copy and paste following lines and save the file
|
1
2
|
auth required pam_pwdfile.sopwdfile/etc/danted/socks.passwd
account required pam_permit.so
|
4. Create user accounts
I used htpasswd to register users so I assumed that you have apache2 installed on your server. We have to create a folder to put our virtual accounts database there.
|
1
|
sudo mkdir/etc/danted
|
then use following command to register users
if cannot find htpasswd command user this command “sudo apt-get install apache2-utils“
|
1
|
sudo htpasswd cd/etc/danted/socks.passwd auser
|
The command will ask you for a password. Minor problem with htpasswd command is that your passwords can not be larger than 8 characters.
-c argument will make new file and -d will force MD5. For creating additional users you only need to use -d argument.
5. Starting server
To start the server enter following command
|
1
|
/etc/init.d/danted start
|
To stop the server
|
1
|
/etc/init.d/danted stop
|
If you’re lucky enough your server will start without any problems. If not please refer to troubleshooting step.
To test your server you need a SOCKS 5 client that could handle authentication. I don’t know about linux but you can use Proxifier if you’re using windows.
6. Troubleshooting
The only problem I encountered while setting up the server was getting following error after started the server:
|
1
|
symbolfunction():compiletime configuration error?Failed toopen“libc.so”:/usr/lib/x86_64–linux–gnu/
|
After a bit of digging I found out that this is a bug exist in Ubuntu 12.04. Anyway you can solve the problem with below command
|
1
2
|
cd/lib/x86_64–linux–gnu
sudo ln–slibc.so.6libc.so
|
Hope this helps some people who had trouble setting up Dante server.
Source http://devmash.net/setup-dante-server-with-virtual-user-accounts-on-ubuntu/
and http://www.linuxquestions.org/questions/linux-networking-3/unable-to-find-htpasswd-command-932076/