LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 03-21-2005, 08:12 AM   #1
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Rep: Reputation: 31
vsftpd login problem


i am trying to get an ftp serer going using vsftpd. i try logging into the server with gftp and get this message:

Looking up localhost
Trying localhost:21
Connected to localhost:21
220 Welcome to blah FTP service.
USER brian

331 Please specify the password.
PASS xxxx
530 Login incorrect.
Disconnecting from site localhost

user brian is a user that can log into the computer (is that a local user?). below is a copy of the vsftpd.conf file.(note: user brian is not in the /etc/vsftpd.user_list file)

# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
#dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command "SIZE /big/file" in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
pam_service_name=vsftpd
listen=YES
local_max_rate=50000
anon_max_rate=50000
max_clients=5
max_per_ip=2
userlist_enable=YES
userlist_file=/etc/vsftpd.user_list


#location of "root" directory
anon_root=/var/ftp

# locks users into there home directory
chroot_local_user=YES




thanks
 
Old 03-21-2005, 10:38 AM   #2
Linux.tar.gz
Senior Member
 
Registered: Dec 2003
Location: Paris
Distribution: Slackware forever.
Posts: 2,493

Rep: Reputation: 96
"user brian is a user that can log into the computer (is that a local user?)."
Yes.
All seems ok, so i presume it's a keyboard problem.

Try to log in on the server with a console:
ftp 127.0.0.1
Then try from another host, always in console:
ftp the.ip.of.server
Then with gftp.
 
Old 03-21-2005, 08:18 PM   #3
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
i did all 3 methods you described and nothing happened. when i tried in console no messages came up. if i hit enter with nothing typed in it gives the same response. when i tried gftp it gave me the same message.
 
Old 03-21-2005, 08:31 PM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 420Reputation: 420Reputation: 420Reputation: 420Reputation: 420
Does it work if you set the userlist_enable back to NO?
 
Old 03-21-2005, 08:59 PM   #5
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
i changed it to no and i still get the same error.

if i turn anonymous user on i can log in just fine, as anonymous that is.

Last edited by buffed317; 03-21-2005 at 09:46 PM.
 
Old 03-22-2005, 03:34 AM   #6
Linux.tar.gz
Senior Member
 
Registered: Dec 2003
Location: Paris
Distribution: Slackware forever.
Posts: 2,493

Rep: Reputation: 96
Then try the lines i gave you with a lttle difference:
ftp brian@127.0.0.1
etc...
 
Old 03-22-2005, 12:45 PM   #7
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
still the same even when i add the brian@......

Connected to xxxxxxxx:21
220 (vsFTPd 2.0.2)
USER brian

331 Please specify the password.
PASS xxxx
530 Login incorrect.
Disconnecting from site xxxxxxxxx
 
Old 03-22-2005, 01:48 PM   #8
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 420Reputation: 420Reputation: 420Reputation: 420Reputation: 420
This may seem like a strange question, but have you installed PAM or dropline Gnome?
 
Old 03-22-2005, 01:52 PM   #9
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
yeah i have dropline installed.

i am not sure about pam but i here is the output of locate pam:

root@work:/usr/sbin# locate pam
/etc/pam.d
/etc/pam.d/su
/etc/pam.d/gdm
/etc/pam.d/xdm
/etc/pam.d/halt
/etc/pam.d/gnome-system-log
/etc/pam.d/login
/etc/pam.d/xserver
/etc/pam.d/other
/etc/pam.d/samba
/etc/pam.d/gdmsetup
/etc/pam.d/xscreensaver
/etc/pam.d/poweroff
/etc/pam.d/dropline-installer
/etc/pam.d/passwd
/etc/pam.d/reboot
/etc/pam.d/shadow
/etc/pam.d/system-auth
/etc/pam.d/useradd
/etc/pam.d/gdm-autologin
/etc/pam.d/time-admin
/etc/pam.d/pkgtool
/etc/security/pam_env.conf
/etc/webmin/pam
/etc/webmin/pam/config
/etc/webmin/spam
/etc/webmin/spam/config
/lib/libpam.so
/lib/libpamc.so.0.78
/lib/libpamc.so
/lib/libpamc.so.0
/lib/modules/2.4.26/kernel/drivers/isdn/tpam
/lib/modules/2.4.26/kernel/drivers/isdn/tpam/tpam.o.gz
/lib/libpam_misc.so.0.78
/lib/security/pam_deny.so
/lib/security/pam_debug.so
/lib/security/pam_timestamp.so
/lib/security/pam_limits.so
/lib/security/pam_cracklib.so
/lib/security/pam_env.so
/lib/security/pam_unix_session.so
/lib/security/pam_filter
/lib/security/pam_filter/upperLOWER
/lib/security/pam_unix_auth.so
/lib/security/pam_ftp.so
/lib/security/pam_postgresok.so
/lib/security/pam_chroot.so
/lib/security/pam_securetty.so
/lib/security/pam_listfile.so
/lib/security/pam_tally.so
/lib/security/pam_mail.so
/lib/security/pam_stack.so
/lib/security/pam_rps.so
/lib/security/pam_userdb.so
/lib/security/pam_issue.so
/lib/security/pam_rhosts_auth.so
/lib/security/pam_time.so
/lib/security/pam_shells.so
/lib/security/pam_motd.so
/lib/security/pam_lastlog.so
/lib/security/pam_localuser.so
/lib/security/pam_stress.so
/lib/security/pam_rootok.so
/lib/security/pam_unix.so
/lib/security/pam_succeed_if.so
/lib/security/pam_filter.so
/lib/security/pam_access.so
/lib/security/pam_warn.so
/lib/security/pam_xauth.so
/lib/security/pam_permit.so
/lib/security/pam_nologin.so
/lib/security/pam_unix_acct.so
/lib/security/pam_mkhomedir.so
/lib/security/pam_group.so
/lib/security/pam_unix_passwd.so
/lib/security/pam_wheel.so
/lib/security/pam_console.so
/lib/security/pam_pwdb.so
/lib/libpam_misc.so
/lib/libpam_misc.so.0
/lib/libpam.so.0
/lib/libpam.so.0.78
/opt/kde/share/apps/kivio/stencils/Dia/Circuit/opamp.shape
/opt/kde/share/apps/kivio/stencils/Dia/Circuit/opamp.xpm
/opt/kde/share/apps/kmail/pics/kmmsgspam.png
/opt/kde/share/apps/kmail/icons/crystalsvg/16x16/actions/mark_as_spam.png
/opt/kde/share/apps/kmail/icons/crystalsvg/22x22/actions/mark_as_spam.png
/opt/kde/share/apps/kmail/icons/crystalsvg/32x32/actions/mark_as_spam.png
/opt/kde/share/apps/kmail/icons/crystalsvg/48x48/actions/mark_as_spam.png
/var/log/packages/pam-0.78-i686-2dl
/var/log/scripts/pam-0.78-i686-2dl
/var/cache/dropline-installer/pam-0.78-i686-2dl.tgz
/usr/bin/spam
/usr/bin/ospam
/usr/bin/pamstretch-gen
/usr/bin/pamendian
/usr/bin/pamstretch
/usr/bin/pamarith
/usr/bin/pamlookup
/usr/bin/pamslice
/usr/bin/pamtohdiff
/usr/bin/pamstack
/usr/bin/pamtopnm
/usr/bin/pamtotga
/usr/bin/pamtouil
/usr/bin/hdifftopam
/usr/bin/pamtohtmltbl
/usr/bin/pamcut
/usr/bin/pamoil
/usr/bin/pamseq
/usr/bin/pamdeinterlace
/usr/bin/pamchannel
/usr/bin/pam-panel-icon
/usr/bin/pamdice
/usr/bin/pamedge
/usr/bin/pamfile
/usr/bin/pamflip
/usr/bin/pamfunc
/usr/bin/pampop9
/usr/doc/openjade-1.3/doc/spam.htm
/usr/lib/bx/help/1_General/spam.bz2
/usr/lib/libpamc.a
/usr/lib/libpam_misc.a
/usr/lib/libpam.a
/usr/man/man1/pamfile.1.gz
/usr/man/man1/pamcut.1.gz
/usr/man/man1/pamchannel.1.gz
/usr/man/man1/pamoil.1.gz
/usr/man/man1/pamtopnm.1.gz
/usr/man/man1/pamstretch-gen.1.gz
/usr/man/man1/pamdice.1.gz
/usr/man/man1/pamdeinterlace.1.gz
/usr/man/man1/pamstretch.1.gz
/usr/man/man3/pam_strerror.3.gz
/usr/man/man3/pam_start.3.gz
/usr/man/man3/pam_set_item.3.gz
/usr/man/man3/pam_open_session.3.gz
/usr/man/man3/pam_get_item.3.gz
/usr/man/man3/pam_chauthtok.3.gz
/usr/man/man3/pam_close_session.3.gz
/usr/man/man3/pam_setcred.3.gz
/usr/man/man3/pam_end.3.gz
/usr/man/man3/pam_authenticate.3.gz
/usr/man/man3/pam_fail_delay.3.gz
/usr/man/man5/pam.5.gz
/usr/man/man8/pam_localuser.8.gz
/usr/man/man8/pam.conf.8.gz
/usr/man/man8/pam.8.gz
/usr/man/man8/pam_rps.8.gz
/usr/man/man8/pam_timestamp_check.8.gz
/usr/man/man8/pam_xauth.8.gz
/usr/man/man8/pam_console.8.gz
/usr/man/man8/pam_stack.8.gz
/usr/man/man8/pam_console_apply.8.gz
/usr/man/man8/pam_postgresok.8.gz
/usr/man/man8/pam.d.8.gz
/usr/man/man8/pam_succeed_if.8.gz
/usr/man/man8/pam_timestamp.8.gz
/usr/man/man8/pam_winbind.8.gz
/usr/src/linux-2.4.26/drivers/net/atari_pamsnet.c
/usr/src/linux-2.4.26/drivers/isdn/tpam
/usr/src/linux-2.4.26/drivers/isdn/tpam/Makefile
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_commands.c
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_crcpc.c
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_queues.c
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_nco.c
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam.h
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_hdlc.c
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_memory.c
/usr/src/linux-2.4.26/drivers/isdn/tpam/tpam_main.c
/usr/src/linux-2.4.26/include/linux/isdn/tpam.h
/usr/src/linux-2.4.26/include/config/isdn/drv/tpam
/usr/src/linux-2.4.26/include/config/isdn/drv/tpam/module.h
/usr/src/linux-2.4.26/include/config/isdn/drv/tpam.h
/usr/src/linux-2.6.11/drivers/net/atari_pamsnet.c
/usr/src/linux-2.6.11/drivers/isdn/tpam
/usr/src/linux-2.6.11/drivers/isdn/tpam/Makefile
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_commands.c
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_crcpc.c
/usr/src/linux-2.6.11/drivers/isdn/tpam/Kconfig
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_queues.c
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_nco.c
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam.h
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_hdlc.c
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_memory.c
/usr/src/linux-2.6.11/drivers/isdn/tpam/tpam_main.c
/usr/src/linux-2.6.11/include/linux/isdn/tpam.h
/usr/X11R6/lib/X11/xfig/Libraries/Electrical/Schematic/opamp.fig
/usr/share/dia/shapes/Circuit/opamp.shape
/usr/share/dia/shapes/Circuit/opamp.png
/usr/share/idl/mozilla-1.7/nsISpamSettings.idl
/usr/share/zsh/4.2.0/functions/tcp_spam
/usr/share/zsh/4.2.0/functions/_spamassassin
/usr/share/swat/help/Samba-HOWTO-Collection/pam.html
/usr/share/swat/help/pam_winbind.8.html
/usr/share/icons/hicolor/16x16/stock/net/stock_not-spam.png
/usr/share/icons/hicolor/16x16/stock/net/stock_spam.png
/usr/share/icons/hicolor/24x24/stock/net/stock_not-spam.png
/usr/share/icons/hicolor/24x24/stock/net/stock_spam.png
/usr/share/icons/hicolor/32x32/stock/net/stock_not-spam.png
/usr/share/icons/hicolor/32x32/stock/net/stock_spam.png
/usr/share/icons/hicolor/48x48/stock/net/stock_not-spam.png
/usr/share/icons/hicolor/48x48/stock/net/stock_spam.png
/usr/include/linux/isdn/tpam.h
/usr/include/pam.h
/usr/include/mozilla-1.7/msgbase/nsISpamSettings.h
/usr/include/pammap.h
/usr/include/security/pam_appl.h
/usr/include/security/pam_modules.h
/usr/include/security/_pam_compat.h
/usr/include/security/pam_misc.h
/usr/include/security/pam_client.h
/usr/include/security/_pam_types.h
/usr/include/security/pam_filter.h
/usr/include/security/_pam_macros.h
/sbin/pam_tally
/sbin/pam_console_apply
/sbin/pam_timestamp_check
/root/firestarter-1.0.3/firestarter.pam
/root/vsftpd-2.0.2/RedHat/vsftpd.pam
/root/vsftpd-2.0.2/EXAMPLE/VIRTUAL_USERS/vsftpd.pam
/root/vsftpd-2.0.2/dummyinc/security/pam_appl.h
root@work:/usr/sbin# pam
bash: pam: command not found

Last edited by buffed317; 03-22-2005 at 01:54 PM.
 
Old 03-22-2005, 01:56 PM   #10
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 420Reputation: 420Reputation: 420Reputation: 420Reputation: 420
OK, that may be part of the problem. If you enable using local_enable=YES, that only looks at /etc/passwd for authentication. However, if I remember correctly, dropline Gnome installs PAM authentication and replaces the default Slackware authentication. Have a look through the vsftpd man page and take a look at the options you need to set to allow PAM to function. I'd make more suggestions, but since I don't use PAM, I really don't have any useful experience.
 
Old 03-22-2005, 02:28 PM   #11
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
i added pam_service_name=ftp to vsftpd.conf because it said this in man vsftpd.conf:

pam_service_name
This string is the name of the PAM service vsftpd
will use.

Default: ftp

so after i did this nothing changed
 
Old 03-22-2005, 03:28 PM   #12
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
from http://www.vsftpdrocks.org/faq/

Q) Help! Local users cannot log in.
A) There are various possible problems.
A1) By default, vsftpd disables any logins other than anonymous logins. Put
local_enable=YES in your /etc/vsftpd.conf to allow local users to log in.
A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to
find out whether this has happened or not). If vsftpd links with PAM, then
you will need to have a PAM file installed for the vsftpd service. There is
a sample one for RedHat systems included in the "RedHat" directory - put it
under /etc/pam.d
A3) If vsftpd didn't link with PAM, then there are various possible issues. Is
the user's shell in /etc/shells? If you have shadowed passwords, does your
system have a "shadow.h" file in the include path?
A4) If you are not using PAM, then vsftpd will do its own check for a valid
user shell in /etc/shells. You may need to disable this if you use an invalid
shell to disable logins other than FTP logins. Put check_shell=NO in your
/etc/vsftpd.conf.


from a2. i did ldd vsftpd in console and got:
root@work:/usr/sbin# ldd vsftpd
ldd: ./vsftpd: No such file or directory

i put the pam redhat file in /etc/pam.d
and nothing changed

the pam redhat files contents are :

#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file$auth required /lib/security/pam_pwdb.so shadow nullok
auth required /lib/security/pam_shells.so
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so


i also put did root@work:/etc/pam.d# ln -s /usr/include/shadow.h /usr/sbin

to include shadow.h in root's path as recommended.

still get 530 login incorrect
 
Old 03-22-2005, 03:29 PM   #13
Linux.tar.gz
Senior Member
 
Registered: Dec 2003
Location: Paris
Distribution: Slackware forever.
Posts: 2,493

Rep: Reputation: 96
According another thread, you have to recompile vsftp with Pam support.
http://www.linuxquestions.org/questi...5&pagenumber=1
 
Old 03-23-2005, 07:34 AM   #14
buffed317
Member
 
Registered: Jun 2004
Location: New Jersey, USA
Distribution: Slackware 11
Posts: 191

Original Poster
Rep: Reputation: 31
to fix it, go into the vsftpd folder and

cp RedHat/vsftpd.pam /etc/pam.d/ftp

more detail is given in the above link. thanks for everyone's help
 
Old 03-30-2005, 11:39 PM   #15
selfxplanatory
LQ Newbie
 
Registered: Mar 2005
Posts: 7

Rep: Reputation: 0
*nevermind*

Last edited by selfxplanatory; 03-31-2005 at 01:59 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd anonymous login r.stiltskin Linux - Networking 4 03-16-2007 11:19 PM
VSFTPD login error. hacabrera071 Linux - Newbie 3 03-18-2005 02:44 PM
vsftpd - only root can login! mpn Linux - Networking 4 12-22-2004 12:34 AM
vsFTPD login problem tr0gd0O0r Linux - Networking 6 11-26-2003 10:12 PM
VSFTPD virtual user login using pam.d problem exalik Linux - Networking 3 11-07-2003 04:29 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 07:50 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration