vsftpd pam authentication

mikeseal · 02-06-2005, 06:44 AM

I am running vsftpd (2.0.1 rel 5) on Fedora Core 3 and trying to setup PAM (0.77 rel 66.2) to provide virtual user authentication.

I have tried generating the db file using Berkeley DB version 3.x and 4.x

when I try to log into the ftp server I get the request to enter a username and password. what every account I try to log in as I get a 530 login incorrect.

I have looked at the /var/messages file and this shows the following error.

(pam_unix)[15522]: authentication failure; login= uid=0 euid=0 tty= ruser= rhost=192.168.0.1 user=user1

followed by

pam_userdb[15522]: user_lookup: could not open database `/etc/vsftpd_logins.db'

I have been trying for days to get this sorted and seem to be getting nowhere. Any help will be gladly appreciated.

ginda · 02-06-2005, 07:19 AM

How have you setup vstpd? paste the config file....

mikeseal · 02-06-2005, 08:26 AM

config files as requested......

messages file
==========
Feb 6 12:02:29 server vsftpd(pam_unix)[15522]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=192.168.103.1 user=user1
Feb 6 12:02:29 server pam_userdb[15522]: user_lookup: could not open database `/etc/vsftpd_logins.db'

pam config file
==========
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_logins.db
account required /lib/security/pam_userdb.so db=/etc/vsftpd_logins.db

vsftpd.conf
========
anon_world_readable_only=NO
anonymous_enable=NO
chroot_local_user=YES
guest_enable=YES
guest_username=virtual
hide_ids=YES
listen=YES
listen_address=192.168.103.248
local_enable=YES
max_clients=3
max_per_ip=1
nopriv_user=vsftp
pam_service_name=vsftpd
pasv_max_port=65535
pasv_min_port=64000
session_support=NO
use_localtime=YES
user_config_dir=/etc/vsftpd/users
userlist_enable=YES
userlist_file=/etc/vsftpd.user_list
xferlog_enable=YES
anon_umask=0027
async_abor_enable=YES
connect_from_port_20=YES
dirlist_enable=NO
download_enable=NO

zoropio · 07-26-2006, 10:14 PM

I am having the same rpoblem.

Did you find a solution???

noobinacan · 09-21-2006, 03:04 PM

Help us - we're melting!
I got the same thing too. thanks

Connecting to 192.168.1.254:21
Connected to 192.168.1.254:21 in 0.000000 seconds, Waiting for Server Response
220 (vsFTPd 2.0.5)
Host type (1): Automatic Detect
USER Ninja
530 Permission denied.
USER Ninja
530 Permission denied

Despot · 03-14-2010, 05:33 PM

Found a solution to this problem here: http://fixunix.com/debian/129361-pam...tpd-sarge.html

Turns out pam_user_db automatically appends ".db" to the filename that's given to the module as the "db" argument. If you name your database "/foo/bar/blah.db", put "/foo/bar/blah" as the module argument, and it should work.

Hopefully this'll help somebody!