Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
when i try to login to the ftp server with the new user created for ftp,it says "530 Login Incorrect" though the username and password is correct. But the previous ftp users can login so i don't know where m i going wrong...even the file permissions are correct..
Check out /etc/ftpusers or was it /etc/ftpuser? Maybe this one gets used in addition to anything you configured the ftp server itself for. While at it what ftp server are you using?
To rule out any typos with the username and password if it's a system user try logging in.
well /etc/ftpuser looks ok....it isn't that the new user is the first ftp user,there are other existing user already and i can login via those...it's just that the new user is giving that error when trying to login so m completely blank now..
the log doesnt show logs with that new user created..
my vsftpd conf is:
Code:
Ftp5
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
guest_enable=YES
# Uncomment this to enable any form of FTP write command.
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
anon_umask=002
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=ftp
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
nopriv_user=ftp
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Authorized Access Only!!
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
chroot_local_user=YES
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
pam_service_name=vsftpd-virtual
userlist_enable=YES
userlist_deny=NO
tcp_wrappers=YES
hide_ids=YES
pasv_min_port=62222
pasv_max_port=63333
user_sub_token=$USER
local_root=/var/ftp/pub/$USER
virtual_use_local_privs=YES
max_clients=10
max_per_ip=10
#pasv_address=
we have other 3 ftp users through which i can login..only the new user isn't...the previous users weren't created by me and these users were there in user_list file so i added the new one there and restarted vsftpd and also created the home directory for that new user as it's required...in this server instead of virtual-user.txt,user_list is used for maintainig users and passwords and change as been made in vsftpd.conf as well.
everything is same...just don't understnad why the new user is not able to login....
What are the directory privileges to which this user is set on login ,
let's say the userdir is:
/home/users/someuser
and the directory privileges are "700" ?
Maybe the directory doesn't exist ?
Those two settings go together and are affecting each other. So if you set userlist_enable you make vsftpd to check that file for the username thats logging in. And if found the access is denied. BUT when you set the option of userlist_deny to NO. Only those users inside the userlist are allowed. (Dunno who came up with this )
But as you also have local_enable set to yes. I would set userlist_enable to NO and so only allowing local users to login. (If I understand the man page right).
Your are saying that "in this server instead of virtual-user.txt,user_list is used". I can't find any option for this inside the config...
Did you try to login with the new user you created on the system itself? Not ftp. Just plain bash login or ssh or similar.
Nother things to check on. As you are using the pam module pam_service_name=vsftpd-virtual check the file /etc/pam.d/vsftpd-virtual to see whats going on there. Also see if you can get some debug of the pam module.
ya that's what.. user-list should not have been used for maintaining the user and their passwords.. instead virtual-users.txt should have used which we need to create it ourselves....
but i can't do that now because the database will be using the user_list file so it might block the old ftp users..
well i tired doing ssh but still couldnt login..as i'm on a different local machine i did 'ssh username@x.com'(names have been changed) but couldnt login..
and ya lithos,the directory permission are correct..it's same as that of the other users..
Last edited by SarahGurung; 06-01-2012 at 03:40 AM.
well i tired doing ssh but still couldnt login..as i'm on a different local machine i did 'ssh username@x.com'(names have been changed) but couldnt login..
If you can't login in with the newly created user there is your problem. I guess something went wrong creating the user. Maybe the logs for SSH give a clue why this is so. do a
Code:
ssh -vvv username@x.com
to get some diagnostic output from the client. But the login failure could be due to only key login allowed within ssh.
If you have console access try login directly.
Maybe create a new user and see if you can login with that over ssh?
vsftpd has been used for the ftp server....so for doing ssh into the server it's a differnt case but if i want to do ftp into the server say via browser or file client then i need to have separate users created as this is required by the vsftpd conf file.. so this is done via text files and all..
so m sayin i have created a new user for ftp(uploading and downloadin) but i cant loging with this user whereas the old users can login in...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
)
