PureFTPd on ISPConfig 3 won't connect

I followed the "The Perfect Server - Ubuntu 9.04 [ISPConfig 3]" how-to to set up my home web server. Everything seems to work fine with the exception of FTP. I created a client and a website and can browse to the default website. I then created an FTP user and navigated to user@domain with no success. I don't even get the login page - just an "The connection has timed out" error. I have port 21 forwarded on my router and open on fail2ban. Any ideas?

Here is my netstat -tap | grep ftp output:

Code:

tcp        0      0 *:ftp                   *:*                     LISTEN      8032/pure-ftpd (SER
tcp6       0      0 [::]:ftp                [::]:*                  LISTEN      8032/pure-ftpd (SER

Here is my iptables -L | grep ftp output:

Code:

Chain PUB_IN (4 references)
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp

/etc/pure-ftpd/db/mysql.conf reads:

Code:

##############################################
#                                            #
# Sample Pure-FTPd Mysql configuration file. #
# See README.MySQL for explanations.         #
#                                            #
##############################################


# Optional : MySQL server name or IP. Don't define this for unix sockets.

MYSQLServer     127.0.0.1


# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort       3306


# Optional : define the location of mysql.sock if the server runs on this host.

# MYSQLSocket      /var/run/mysqld/mysqld.sock


# Mandatory : user to bind the server as.

MYSQLUser       ispconfig


# Mandatory : user password. You must have a password.

MYSQLPassword   mypassword


# Mandatory : database to open.

MYSQLDatabase   dbispconfig


# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "md5" *and* "password"

MYSQLCrypt      crypt


# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
#
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.
# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
#
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.


# Query to execute in order to fetch the password

MYSQLGetPW      SELECT password FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Query to execute in order to fetch the system user name or uid

MYSQLGetUID     SELECT uid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Optional : default UID - if set this overrides MYSQLGetUID

#MYSQLDefaultUID 1000


# Query to execute in order to fetch the system user group or gid

MYSQLGetGID     SELECT gid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Optional : default GID - if set this overrides MYSQLGetGID

#MYSQLDefaultGID 1000


# Query to execute in order to fetch the home directory

MYSQLGetDir     SELECT dir FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Optional : query to get the maximal number of files
# Pure-FTPd must have been compiled with virtual quotas support.

MySQLGetQTAFS  SELECT quota_files FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"


# Optional : query to get the maximal disk usage (virtual quotas)
# The number should be in Megabytes.
# Pure-FTPd must have been compiled with virtual quotas support.

MySQLGetQTASZ  SELECT quota_size FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"


# Optional : ratios. The server has to be compiled with ratio support.

MySQLGetRatioUL SELECT ul_ratio FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"
MySQLGetRatioDL SELECT dl_ratio FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"


# Optional : bandwidth throttling.
# The server has to be compiled with throttling support.
# Values are in KB/s .

MySQLGetBandwidthUL SELECT ul_bandwidth FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"
MySQLGetBandwidthDL SELECT dl_bandwidth FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"

# Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
# 1) You know what you are doing.
# 2) Real and virtual users match.

# MySQLForceTildeExpansion 1


# If you upgraded your tables to transactionnal tables (Gemini,
# BerkeleyDB, Innobase...), you can enable SQL transactions to
# avoid races. Leave this commented if you are using the
# traditionnal MyIsam databases or old (< 3.23.x) MySQL versions.

MySQLTransactions On

Finally, my mysql entry for dbispconfig.ftp_user is:

Code:

ftp_user_id = 1
sys_userid = 1
sys_groupid = 2
sys_perm_user = 'riud'
sys_perm_group = 'riud'
sys_perm_other = ''
server_id = 1
parent_domain_id = 1
username = my username
password = my encryped password
quota_size = -1
active = 'y'
uid = 'web1'
gid = 'client1'
dir = '/var/www/clients/client1/web1'
quota_files = -1
ul_ratio = -1
dl_ratio = -1
ul_bandwidth = -1
dl_bandwidth = -1

What am I missing?

Thank you for helping this new guy out!

 

Is this a physical server or a virtual machine?

 

My system is a physical server. Just a additional bit of info, when I enter myuser@myipaddress (as opposed to myuser@mydomain) from my home network I get a blank white screen, but no login prompt or any other indication that I am on a ftp page.

Greg

 

Also, my syslog is spewing this (I have it on a 5min refresh in ispconfig right now)

Code:

Sep 21 14:02:26 LittleBox kernel: [262664.090227] php[2383]: segfault at b6d2e760 ip b6d2e760 sp b6ca039c error 4 in librt-2.9.so[b7047000+7000]
Sep 21 14:05:02 LittleBox pure-ftpd: (?@localhost) [INFO] New connection from localhost
Sep 21 14:05:02 LittleBox pure-ftpd: (?@localhost) [INFO] Logout.
Sep 21 14:10:01 LittleBox pure-ftpd: (?@localhost) [INFO] New connection from localhost
Sep 21 14:10:01 LittleBox pure-ftpd: (?@localhost) [INFO] Logout.
Sep 21 14:15:01 LittleBox pure-ftpd: (?@localhost) [INFO] New connection from localhost
Sep 21 14:15:01 LittleBox pure-ftpd: (?@localhost) [INFO] Logout.
Sep 21 14:20:02 LittleBox pure-ftpd: (?@localhost) [INFO] New connection from localhost
Sep 21 14:20:02 LittleBox pure-ftpd: (?@localhost) [INFO] Logout.

It's repeating this series over and over again.

 

Did you try both active and passive transfers in your FTP client?

 

Nothing in either mode.

 

I have same problem

I have same problem please help!!! I can't login on FTP it can't accept remote connnection.
I have not installed the iptables and remove apparmor when installing ISPConfig 3.


In the syslog:

Code:

Oct  9 06:50:01 server pure-ftpd: (?@localhost) [INFO] New connection from localhost
Oct  9 06:50:01 server pure-ftpd: (?@localhost) [INFO] Logout.

 

Can login from localhost

I can login from localhost but can't remote. I have not installed the iptables and remove apparmor when installing ISPConfig 3. I check my hosts.deny nothing. Pleas help with that i can't resolve this problem alone

 

Just a couple of updates. I thought the problem might be that port 20 was blocked somewhere, but after going through my router, my server's iptables and my firewall settings again I confirmed that ports 20 and 21 are open. I tried rebuilding the machine with both proftpd and vsfptd and without any ftp server. ISPConfig doesn't look for anything but pureftpd, even thought the main page says it supports the other two. I doesn't even recognize if an ftp server isn't installed. While the only thing it does is produce an error message on the Monitor tab, this annoys me to no end. Now I have to either keep a service running that I can't connect to or keep ISPConfig with an constant error message in the Monitor tab. Pureftpd works on localhost if I set up a "real" user, but the virtual authentication and remote connection is a no-go. At this point I'm giving up and switching to OpenSuSE and trying something else.

 

I found that the problem has been resolved by Till on this thread

http://www.howtoforge.org/forums/showthread.php?p=205926

I have same problem, after adding DontResolve in pureftpd conf. Everything works fine now.

 

Thanks for the update, but that didn't do the trick for me. Added DontResolve to /etc/pure-ftpd/conf with the value of yes - made sure all permissions matched existing conf files and restarted service. Same results. Thanks anyway!

 

Hi,

I'm having the same issue, I just upgrade the pure-ftpd and it works like a charm

 

hi.
I'm having the same problem. I followed the "The Perfect Server - Ubuntu 14 [ISPConfig 3]
My server is a AWS EC2

I try connect and have "connection timeout"

I try add some files into /var/www/client1/ and says "dont have permission" but i logged with root user.

some helps???


ps. sory for my english

 

Hi. Thank you for responding so promptly.
I took the nmap query to see which ports were needed for external access. So I went on AWS and configueri to open all inbound ports that were necessary. 21,22, 80, 443, 990, 993, 8080, 8081, 8181, and others, all open.

But still can not get access via user and password on ftp.

about my other problem
As the / client1 / web ... I have the same problem of not having permission to write files via ssh using WinSCP root and ftp to root and key pair.

 

Hi
Tried everything on this (obviously having a similar issue)
New ISPConfig server, setup using perfect server setup Ubuntu 18.04. All fine (did not test the ftp access at this point)
Then imported ispconfig db from old server (already updated to latest version) and all my user config entries appeared fine.
Then could see all original ftp users and ADDED a new one for good measure...all fine accessing DB etc.
ftp fails to connect on ALL accounts so it seems pure ftp-mysql not able to query the ftp_users table correctly o something.
Then ran through the update script to reconfigure all services, ran through fine but still no auth on any ftp user.
Anybody help ? Please

FTP always returns the following:
530 Login authentication failed
Login failed.

 

ummm. rightly or wrongly i chose to stick with mysql
as in I changed all install package names to the mysql names from the same sources

 

Yes I do pure-ftpd-mysql is there.
I also just checked, and I can from cli login to mysql server using the credentials in mysql.conf from the /etc/pure-ftpd/db dir, so maybe its not a sql issue ? Like I said, from the get go, I didnt test ftp access until after I had pulled in the DB from previous server (also mysql obviously)

OK, turned on debugging for pureftp..
When attempting to login from remote machine, no additional clues I am afraid...just user...password...followed by authentication failed.
However, maybe this is it...upon restart of pureftp, it gave this warning:
[DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem
I havent dug in to getting all the ssl certs right for this server yet but the login attempts have all bee non ssl port 21 so maybe thats just a red herring