LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-08-2010, 07:31 PM   #1
natoinet
LQ Newbie
 
Registered: Jun 2010
Posts: 4

Rep: Reputation: 0
Post proftpd - 530 login error when logging in normal mode + root


Hello,

I've been installing proftpd on a server running fedora 8. It is setup in standalone server type, and I checked that the process is running and listening to port 21.
When I try to login using a ftp client in Normal mode with root user & password , I receive first a 220, then a 530 login incorrect error.
Can you help me?

I've been pasting my proftpd.conf configuration file below

Thanks for your help
natoinet.

Code:
# This is the ProFTPD configuration file
AllowOverwrite on
AuthAliasOnly on

ServerName                      "ProFTPD server"
ServerIdent                     on "FTP Server ready."
ServerAdmin                     root
ServerType                      standalone
#ServerType                     inetd
DefaultServer                   on
AccessGrantMsg                  "User %u logged in."
#DisplayConnect                 /etc/ftpissue
#DisplayLogin                   /etc/ftpmotd
#DisplayGoAway                  /etc/ftpgoaway
DeferWelcome                    off

# Use this to excude users from the chroot
DefaultRoot                     ~ !adm

# Use pam to authenticate (default) and be authoritative
AuthPAMConfig                   proftpd
AuthOrder                       mod_auth_pam.c* mod_auth_unix.c

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups                    off
UseReverseDNS                   off

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# Default to show dot files in directory listings
ListOptions                     "-a"

# See Configuration.html for these (here are the default values)
#MultilineRFC2228               off
#RootLogin                      off
#LoginPasswordPrompt            on
#MaxLoginAttempts               3
#MaxClientsPerHost              none
#AllowForeignAddress            off     # For FXP

# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart            on
AllowStoreRestart               on

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    20

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nobody

# Disable sendfile by default since it breaks displaying the download speeds in
# ftptop and ftpwho
UseSendfile                     no

# This is where we want to put the pid file
ScoreboardFile                  /var/run/proftpd.score

# Normally, we want users to do a few things.
<Global>
  AllowOverwrite                yes
  <Limit ALL SITE_CHMOD>
    AllowAll
  </Limit>
</Global>

# Define the log formats
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"

# Configuration for mod_ban
<IfModule mod_ban.c>
  BanEngine on
  BanLog /var/log/proftpd/ban.log
  BanTable /var/run/proftpd/ban.tab

  # If the same client reaches the MaxLoginAttempts limit 2 times
  # within 10 minutes, automatically add a ban for that client that
  # will expire after one hour.
  BanOnEvent MaxLoginAttempts 2/00:10:00 01:00:00

  # Allow the FTP admin to manually add/remove bans
  BanControlsACLs all allow user ftpadm
</IfModule>
 
Old 06-08-2010, 11:16 PM   #2
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 250Reputation: 250Reputation: 250
Do not log in to FTP as root - ever.

Your error is because the config specifically says that root login is disabled.
The reason it is disabled is because FTP does not encrypt passwords so anybody could sniff them over the network when you log in, and then they own your box.

Always use a normal user for ftp. If you need to work as root for any reason, then use ssh. If you need files uploading for use by root, upload them as a normal user, then use ssh to move them, change their permissions, whatever.

This is all apart from the fact that you are installing an old ftp server on an unsupported operating system. I really hope you are not going to expose this machine to the internet.
 
Old 06-09-2010, 05:24 AM   #3
natoinet
LQ Newbie
 
Registered: Jun 2010
Posts: 4

Original Poster
Rep: Reputation: 0
proftpd - 530 login error when logging in normal mode + root

Thank you for your answer smoker. I did not know that ftp user and pwd were not encrypted.

Yes I was going to expose this machine on the internet with proftpd.
You said proftpd is an old ftp server unsupported on fedora 8, then which ftp server shall I use, and how should it be configured?
On another server, I have xnetd listening to port 21 that calls protpd, is this correct?
 
Old 06-09-2010, 12:52 PM   #4
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 250Reputation: 250Reputation: 250
The version you have of proftpd is old because Fedora 8 is unsupported. You should seriously consider installing a new version of Fedora (or any other distro).

Port 21 is correct for the standard FTP port.

If you were to update your server system to the latest Fedora (or at least F12) then you would have easy access to several different ftp server daemons, such as VSFTPD, ProFTPD and Pure-FTPd. Any of them is better than the one you have now.

Either way, don't login as root over a network. Not even via ssh. Security is about layers, so if you only have one layer, you don't really have any security.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
no desktop icons, no task bar, but normal while login as root graphics mode pradeepkumarp Linux - Newbie 1 08-21-2009 12:09 PM
How to login as root , similar logging as normal user? vibinlakshman Linux - Software 7 12-12-2008 07:54 PM
ProFTPD [530 Login incorrect] dmjendor Linux - General 0 11-11-2008 05:15 PM
Proftpd 530 Login Incorrect error besides correct password imagineers7 Linux - Networking 9 01-07-2008 03:13 AM
ProFTPd on SuSE 9.1:Error 530 (Login Incorrect) bmctee Linux - Software 0 08-10-2004 01:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration