dsartain |
02-05-2007 11:17 PM |
FTP Authentication problems
I was using vsftpd as my ftp server, then I ran into an issue with it not letting me access /var/www/html so I uninstalled and installed from source...
Now I have this error when I try to log in...
Quote:
Connected to the24hourshow.
220 localhost.localdomain FTP server (Version 5.60) ready.
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: Unspecified GSS failure. Minor code may provide more information
GSSAPI error minor: No credentials cache found
GSSAPI error: initializing context
GSSAPI authentication failed
334 Using authentication type KERBEROS_V4; ADAT must follow
KERBEROS_V4 accepted as authentication type
Kerberos V4 krb_mk_req failed: You have no tickets cached
|
So I uninstalled that and installed proftpd hoping that would fix it, still nothing...Any ideas??
/etc/xinetd.d/proftpd file:
Quote:
default: off
service ftp
{
flags = REUSE
socket_type = stream
instances = 50
wait = no
user = root
server = /usr/local/sbin/proftpd
# bind = <the-ip-you-wish-to-bind-to>
# log_on_success = HOST PID
# log_on_failure = HOST
disable = no
}
|
proftpd.conf file :
Quote:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "ProFTPD"
ServerType standalone
DefaultServer on
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30
# Set the user and group under which the server will run.
User root
Group root
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>
# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
#<Anonymous ~ftp>
# User ftp
# Group ftp
# # We want clients to be able to login with "anonymous" as well as
"ftp"
# UserAlias anonymous ftp
# # Limit the maximum number of anonymous logins
# MaxClients 10
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
# <Limit WRITE>
# DenyAll
# </Limit>
#</Anonymous>
AuthPAMAuthoritative on
|
/etc/pam.d/ftp :
Quote:
auth required /lib/security/pam_listfile.so item=user sense=deny
file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so
|
I want it to use PAM for authentication as local users will be logging on...any ideas on how to fix this??
|