I noticed that ProFTPd took a few seconds to connect. On a LAN, it should be instant.
Sniffing traffic, it seemed that ProFTPd was first making an auth request using the ident protocol before falling back to user/pass authentication. This seems to be the standard behaviour according to RFC’s 912, 931 and 1413
Some google searching turned up a page over at metafilter concerning connection delay.
Adding this to the ProFTPd configuration file disabled the auth checks and made connecting/authorising instant, as it should be.
IdentLookups off
On Debian, the ProFTPd config file is at /etc/proftpd/proftpd.conf
Thanks! 😀
Found your blog entry through Google, after having read many irrelevant and foolish tips elsewhere (e.g. firewall blocking DNS lookup requests). This single configuraion directive did the trick!
The Ident protocol should IMO be buried many, many years ago. Why it is used by default by ProFTPd is beyond me. Most people connect from computers behind a NAT! And how many people are interested in having an identd service open to the outside world anyway?
Thanks! I’ve been wondering why is it taking soooo long…. Nice tip 😉