LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-30-2011, 03:50 PM   #1
alannerd
LQ Newbie
 
Registered: Jul 2005
Posts: 8

Rep: Reputation: 0
vsftpd wont allow me to connect in as root using FTP


Hello again,

On the same computer I screwed up the /var SELINUX context, I have been trying to get the VSFTPD to work.

I can get in via SCP, and SFTP, but not just regular ol' FTP.

I was trying to use root, but I am a newbie to linux.

Any idea how I can:

A) Get root to work

B) Create another FTP user.

Thanks from the newbie

-Alan
 
Old 01-30-2011, 04:12 PM   #2
xeleema
Member
 
Registered: Aug 2005
Location: D.i.t.h.o, Texas
Distribution: Slackware 13.x, rhel3/5, Solaris 8-10(sparc), HP-UX 11.x (pa-risc)
Posts: 987
Blog Entries: 4

Rep: Reputation: 252Reputation: 252Reputation: 252
Greetingz!

Quote:
Originally Posted by alannerd View Post
Hello again,
On the same computer I screwed up the /var SELINUX context....
I saw that thread, however, I didn't have anything constructive other than "backup your data and reload the Operating System" to say.
Note that although that is a real head-scracther, it's pretty darn funny.

Quote:
Originally Posted by alannerd View Post
I was trying to use root, but I am a newbie to linux.
Alright, newbie, time we told you about the "UNIX Rules"
Rule #1: You do not use the root account.
Rule #2: YOU do not USE the ROOT ACCOUNT, use sudo if you *really* need root!
Rule #3: If a process halts, gives an error, or SEGFAULTS, you read the man pages.
Rule #4: Only one System Administrator to a computer.
Rule #5: One fight question at a time.
Rule #6: No "Diet" drinks, no overhead lights.
Rule #7: FightsTroubleshooting sessions will go on as long as they have to.
Rule #8: If this is your first night at FIGHT CLUB LQ, you HAVE to fight google.

Quote:
Originally Posted by alannerd View Post
I can get in via SCP, and SFTP, but not just regular ol' FTP.
I was trying to use root, but I am a newbie to linux
Right, there's the problem. "Unsecure" services (like telnet and FTP, things that transmit information un-encrypted) are "smarter" than newbies.
They don't let you use the root account, because the password would zip along the ethers unencrypted (where someone is watching with a packet sniffer).
Don't use root.

Quote:
Originally Posted by alannerd View Post
B) Create another FTP user.
Depends on what you're using to serve FTP, so since you're using VSFTPd in this case, you might want to edit the configuration file and allow anonymous FTP access. This'll stop any "valid" passwords from flying around unencrypted.

1) Look for the vsftpd.conf file, uncomment "anonymous_enabled" and set it to "YES"
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES

Once that's done, you should be able to FTP into the box with either "anonymous" or "ftp" as a username, and maybe a valid email as a password.

2) Now if you really want any local users to be able to FTP their way in, then within that same file, look for "local_enabled" and set it to "YES"
# Uncomment this to allow local users to log in.
#local_enable=YES

WARNING: By enabling this option, your user's passwords will fly around unencrypted!
 
1 members found this post helpful.
Old 01-30-2011, 04:12 PM   #3
trist007
Senior Member
 
Registered: May 2008
Distribution: Slackware
Posts: 1,033

Rep: Reputation: 69
A) check that root is not in the /etc/ftpusers or /etc/vsftp/ftpusers, also there's another file I think in the /etc/vsftpd directory that may have a blacklist. Make sure to remove root on all of those.

B) you can create another ftp user simply by adding another user to your system. As root run either useradd or adduser.
 
Old 01-30-2011, 04:25 PM   #4
alannerd
LQ Newbie
 
Registered: Jul 2005
Posts: 8

Original Poster
Rep: Reputation: 0
It keeps giving me access denied on the FTP when I try to log in as another local user (other than root).

I uncommented "Local_enable=yes", and yet it still wont let me....



sorry....really wanting to use linux rather than windows for this stuff.
 
Old 01-30-2011, 04:26 PM   #5
trist007
Senior Member
 
Registered: May 2008
Distribution: Slackware
Posts: 1,033

Rep: Reputation: 69
Did you check those blacklists? /etc/ftpusers, /etc/vsftpd/ftpusers or other files in that directory? vsftpd directory may not be in /etc.
 
Old 01-30-2011, 04:27 PM   #6
xeleema
Member
 
Registered: Aug 2005
Location: D.i.t.h.o, Texas
Distribution: Slackware 13.x, rhel3/5, Solaris 8-10(sparc), HP-UX 11.x (pa-risc)
Posts: 987
Blog Entries: 4

Rep: Reputation: 252Reputation: 252Reputation: 252
Quote:
Originally Posted by alannerd View Post
It keeps giving me access denied on the FTP when I try to log in as another local user (other than root).
I uncommented "Local_enable=yes", and yet it still wont let me....
sorry....really wanting to use linux rather than windows for this stuff.
Um, did you restart the service after you changed it's configuration file?
 
Old 01-30-2011, 04:28 PM   #7
alannerd
LQ Newbie
 
Registered: Jul 2005
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by trist007 View Post
Did you check those blacklists? /etc/ftpusers, /etc/vsftpd/ftpusers or other files in that directory? vsftpd directory may not be in /etc.
Sure did....removed root to test, and root works...but my other user does not....?

xeleema: yes i did.
 
Old 01-30-2011, 04:31 PM   #8
trist007
Senior Member
 
Registered: May 2008
Distribution: Slackware
Posts: 1,033

Rep: Reputation: 69
Make sure that your users have a shell defined in /etc/passwd file. Also of course make sure those users aren't on those blacklists.


If you see /bin/nologon as the shell in the /etc/passwd for that user, then that's why.
 
Old 01-30-2011, 04:51 PM   #9
alannerd
LQ Newbie
 
Registered: Jul 2005
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by trist007 View Post
Make sure that your users have a shell defined in /etc/passwd file. Also of course make sure those users aren't on those blacklists.


If you see /bin/nologon as the shell in the /etc/passwd for that user, then that's why.
For the user i found "/home/(myusername): /bin/bash"

---------- Post added 01-30-11 at 09:52 PM ----------

and it didnt really say (myusername) i was just not posting it.
 
Old 01-30-2011, 05:12 PM   #10
xeleema
Member
 
Registered: Aug 2005
Location: D.i.t.h.o, Texas
Distribution: Slackware 13.x, rhel3/5, Solaris 8-10(sparc), HP-UX 11.x (pa-risc)
Posts: 987
Blog Entries: 4

Rep: Reputation: 252Reputation: 252Reputation: 252
Like I said, Rule #3

Code:
luser@lhost$ man ftpusers
FTPUSERS(5)                Linux Programmer’s Manual               FTPUSERS(5)

NAME
       ftpusers - list of users that may not log in via the FTP daemon

DESCRIPTION
       The  text  file  ftpusers  contains a list of users that may not log in using the
       File Transfer Protocol (FTP) server daemon. This file is used not merely for sys-
       tem  administration purposes but for improving security within a TCP/IP networked
       environment. It will typically contain a list of the users that  either  have  no
       business  using  ftp  or have too many privileges to be allowed to log in through
       the FTP server daemon.  Such users usually include root, daemon, bin,  uucp,  and
       news.   If  your FTP server daemon doesn’t use ftpusers then it is suggested that
       you read its documentation to find out how to block  access  for  certain  users.
       Washington  University  FTP  server  Daemon  (wuftpd) and Professional FTP Daemon
       (proftpd) are known to make use of ftpusers.

FORMAT
       The format of ftpusers is very simple. There is one account name (or  user  name)
       per line.  Lines starting with a # are ignored.

FILES
       /etc/ftpusers

SEE ALSO
       passwd(5), proftpd(8), wuftpd(8)

File formats                      2000-08-27                       FTPUSERS(5)
 
Old 01-30-2011, 05:14 PM   #11
alannerd
LQ Newbie
 
Registered: Jul 2005
Posts: 8

Original Poster
Rep: Reputation: 0
I think you misunderstood what I was posting there.

I wasnt checking the ftpusers file

I was checking /etc/passwd fire.

Thats where my response came from.

I do understand the ftpusers is what is denying users.
 
Old 01-30-2011, 05:42 PM   #12
xeleema
Member
 
Registered: Aug 2005
Location: D.i.t.h.o, Texas
Distribution: Slackware 13.x, rhel3/5, Solaris 8-10(sparc), HP-UX 11.x (pa-risc)
Posts: 987
Blog Entries: 4

Rep: Reputation: 252Reputation: 252Reputation: 252
Quote:
Originally Posted by alannerd View Post
I think you misunderstood what I was posting there.
Ah, my mistake. Okay, well I assume you can login as username via the Desktop, right?
This user also has a password, correct? (Password-less FTP logins are kicked-back by VSftpD, if I recall correctly).
You can verify this with the following command;
Code:
luser@lhost$ sudo passwd -S luser
luser PS 2010-06-28 0 99999 7 -1 (Password set, MD5 crypt.)
luser@lhost$
So, what does syslog (or vsftpd's logs) say when you try to login as username?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to change default /var/ftp/pub in ftp(vsftpd) mohd anas Linux - Networking 3 07-08-2011 03:14 PM
Connect my netbook to wireless but it wont connect to the internet but it did . Haydn456MJW Linux - Newbie 7 01-26-2011 06:56 PM
[SOLVED] vsftpd: FTP clients work, ftp://xxxx in mozilla does not. Anonymous user prob? arashi256 Linux - Server 8 01-13-2010 10:31 AM
Can't connect to FTP server running vsftpd eswafford Linux - Software 1 07-19-2007 09:56 AM
vsftpd not running..i can connect ftp via anonymous..not able put/get files Saravana Pandi Linux - Networking 1 06-06-2006 08:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:28 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration