weisso5,
I only get the following when I disable SSL:
Code:
Status: Resolving IP-Address for dragon
Status: Connecting to 10.4.10.114:21...
Status: Connection established, waiting for welcome message...
Response: 220-Test Banner
Response: 220
Command: USER testuser
Response: 331 Please specify the password.
Command: PASS ******
Response: 500 OOPS: cannot locate user entry:testuser
Error: Could not connect to server
To disable SSL I edit /etc/vsftpd.conf and comment out SSL parts as shown below...
Code:
# cat /etc/vsftpd.conf
listen=YES
ftpd_banner=Authorized Users Only! All others will be prosecuted to the full extent of the Law!
banner_file=/home/vsftpd/welcome.banner
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
nopriv_user=vsftpd
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
#ssl_enable=YES
#allow_anon_ssl=NO
#force_local_data_ssl=YES
#force_local_logins_ssl=YES
#ssl_tlsv1=YES
#ssl_sslv2=NO
#ssl_sslv3=NO
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
guest_enable=NO
#guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd_user_conf
When I enable SSL I get the following message:
Code:
Status: Resolving IP-Address for dragon
Status: Connecting to 10.4.10.114:21...
Status: Connection established, waiting for welcome message...
Response: 220-Test Banner
Response: 220
Command: AUTH TLS
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Command: USER testuser
Status: Verifying certificate...
Status: TLS/SSL connection established.
Response: 331 Please specify the password.
Command: PASS ******
Error: Disconnected from server
Error: Could not connect to server
Status: Waiting to retry...
These are the vsftpd file changes that give the result above:
Code:
# cat /etc/vsftpd.conf
listen=YES
ftpd_banner=Authorized Users Only! All others will be prosecuted to the full extent of the Law!
banner_file=/home/vsftpd/welcome.banner
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
nopriv_user=vsftpd
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
guest_enable=NO
#guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd_user_conf
The following is my pam.d file for MySQL and vsftpd:
Code:
# cat /etc/pam.d/vsftpd
auth required pam_mysql.so user=vsftpd passwd=hidden host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=0
account required pam_mysql.so user=vsftpd passwd=hidden host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=0
I have tried setting crypt to both 0 and 2: 0 being no encryption (plain text) and 2 being an encrypted password.
Regardless of the message from FileZilla, the vsftpd log always states:
Code:
# tail -f /var/log/vsftpd.log
Mon Mar 17 09:28:56 2008 [pid 28017] CONNECT: Client "10.4.10.21"
Mon Mar 17 09:29:00 2008 [pid 28016] [testuser] OK LOGIN: Client "10.4.10.21"
Mon Mar 17 09:34:19 2008 [pid 28065] CONNECT: Client "10.4.10.21"
Mon Mar 17 09:34:19 2008 [pid 28064] [testuser] OK LOGIN: Client "10.4.10.21"
Mon Mar 17 10:07:26 2008 [pid 28944] CONNECT: Client "10.4.10.21"
Mon Mar 17 10:07:26 2008 [pid 28943] [testuser] OK LOGIN: Client "10.4.10.21"
Mon Mar 17 10:59:30 2008 [pid 28993] CONNECT: Client "10.4.10.21"
Mon Mar 17 10:59:30 2008 [pid 28992] [testuser] OK LOGIN: Client "10.4.10.21"
Mon Mar 17 10:59:35 2008 [pid 28996] CONNECT: Client "10.4.10.21"
Mon Mar 17 10:59:35 2008 [pid 28995] [testuser] OK LOGIN: Client "10.4.10.21"
Of course, I am still unable to log in. I am storing the home folders over a Samba share, of course, but I doubt that would affect anything. Let me know what you think; I will be refreshing the thread constantly looking for your reply.
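
An added example, not part of the original post: a small audit of the two files shown above that flags the settings behind "500 OOPS: cannot locate user entry" (vsftpd looks up a system account for the logged-in name unless guest_enable=YES maps it to guest_username), cleartext logins, and crypt=0. The finding labels and sample strings are made up for this example, and the option defaults used are the documented vsftpd ones.

```python
import re

def parse_conf(text):
    """vsftpd.conf is strict key=value; lines starting with '#' are comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key] = value
    return opts

def enabled(opts, key, default):
    return opts.get(key, default).upper() == "YES"

def audit(conf_text, pam_text):
    """Return finding labels (names made up for this example)."""
    opts, findings = parse_conf(conf_text), []
    # Accounts that live only in the pam_mysql table have no passwd entry, so
    # vsftpd needs guest_enable=YES plus guest_username to map them to one.
    if "pam_mysql.so" in pam_text and not enabled(opts, "guest_enable", "NO"):
        findings.append("virtual-users-without-guest-mapping")
    if not enabled(opts, "ssl_enable", "NO"):
        findings.append("cleartext-logins")          # USER/PASS sent unencrypted
    elif not enabled(opts, "force_local_logins_ssl", "YES"):
        findings.append("tls-optional-for-logins")
    if re.search(r"\bcrypt=0\b", pam_text):
        findings.append("plaintext-passwords-in-db")  # crypt=0, as the post notes
    return findings

# Constructed sample input, trimmed from the settings shown in the post.
PAM = ("auth required pam_mysql.so user=vsftpd passwd=hidden db=vsftpd "
       "table=accounts usercolumn=username passwdcolumn=pass crypt=0\n")
CONF_SSL_OFF = """\
local_enable=YES
pam_service_name=vsftpd
#ssl_enable=YES
#force_local_logins_ssl=YES
guest_enable=NO
#guest_username=vsftpd
"""
CONF_SSL_ON = CONF_SSL_OFF.replace("#ssl_enable", "ssl_enable").replace(
    "#force_local_logins_ssl", "force_local_logins_ssl")

if __name__ == "__main__":
    for name, conf in (("SSL off", CONF_SSL_OFF), ("SSL on", CONF_SSL_ON)):
        print(name, audit(conf, PAM))
```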