Regarding PROFTP problems, here is a new post: I have been following the thread posted by tarndt June 28th and I have tried most of the suggestions by falko. One of the interesting tests is to login through putty to ftp localhost. The usernames and passwords work, the same usernames and passwords work with web-FTP through ISPConfig. Unfortunately, when logging in using smart FTP get "login incorrect". Netstat -tap returns: tcp 0 0 *:ftp *:* LISTEN 22907/proftpd: (acc If I set the site to anonymous login, I can login with SmartFTP. The users are in /etc/passwd although there is also another file /etc/passwd- and the users are also in it. I have turned off the ISPConfig firewall as I have some rules that it cannot duplicate, but whethor it is on or off, same result. ISPconfig also has the FTP service enabled. I don't think there is a problem here, as it can connect anonymously. I have looked at proftp.conf and proftp_ispconfig.conf and compared them with another server that all of this works on, they look similar. So I am stumped, if there are any other suggestions, I would appreciate hearing them!
Have you tried both active and passive transfers in SmartFTP? What's the output of Code: netstat -tap and Code: iptables -L ?
Thank you for replying to my query. I have tried both passive FTP and it also will not work. The output of netstat -tap is in my first post, it appears that FTP is listening on all interfaces. Iptables -L yields: ACCEPT tcp -- anywhere anywhere tcp dpt:ftp state NEW which to me looks like it should work.
I have tried this now with the firewall off on the Linux box and Off in ISPConfig. I can't get access. I have also been using for most of my testing, the Linux firewall on and the ISPConfig firewall off. Now I have turned off Linux firewall and restarted the ISPConfig firewall.... and that doesn't work either. This is just not making sense! I added the user for this website to the Secondary group ftp, and I have looked into the logs and I see: Jul 18 16:33:45 web05 proftpd[8366]: 209.104.160.5 (209.104.160.30[209.104.160.30]) - PAM(web11_th eatre): Authentication failure. So I am now going through and trying to see if there is some access list that these users need to be in and are not. Please write back with any suggested areas I need to check in, I will be reviewing your other posts as well. Thanks!
more information on proftp with ISPConfig I noticed in one of the other posts, you had looked at the contents of the /etc/proftp_ispconfig.conf files, mine appear to be slightly different, rather than one virtual host, there are 2: <VirtualHost 209.104.160.22> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost> <VirtualHost 209.104.160.5> DefaultRoot ~ AllowOverwrite on Umask 002 </VirtualHost>
Never use two different firewalls at the same time. It will mess up your firewall rules, resulting in unforeseeable behaviour! Either use your Linux firewall, or use the ISPConfig firewall, but not both at the same time. Which distribution do you use?
I am generally only using the Linux firewall but in this case on this server I am trying anything to see if I have done something wrong, in other words I am desperate! (-: Could you please explain what you need to know regarding distribution? do you mean distribution of ISPConfig or Linux firewall?
I want to know if you use Debian, Fedora, SuSE, Mandriva, CentOS, ..., and which version of that distribution.
I know its a stupid idea, but... are you writing the username/passwords right? are you using webXX_XXX ? what about password capital letters? linux is case sensitive. you said you can log in anonymously, so, i dont believe its firewall problem.. Try disable pasive transfer or using the ftp command under windows.
Thanks for your reply, its a valid question, yes I have doube checked this information. Although, you have now prompted me to try creating a user directly in Proftpd to see if they can get through........ Thanks!
One interesting thing to note, the ProFTP server status is running, it is set to start at boot, and yet in webmin, anytime you enter any of the screens to edit anything to do with the FTP server, it shows the ability to Start Proftp at the top of the page. So somehow the server is running but webmin is not getting the message that it is running, and I wonder if there is something wrong with the service?
Please do not use ISPConfig and Webmin at the same time! You will mess up your system... Did you have a look here? http://www.howtoforge.com/forums/showthread.php?t=196
Thanks for the link, had a read, I haven't got a router in front of this server, only using the Linux firewall, but I will check the logs there and see if anything fishy going on. Can't really connect and test internally, as it is only connected to the internet. Getting to the point that I am going to build a new server I think....
Well, I was referring to post #11 of the above thread: http://www.howtoforge.com/forums/showpost.php?p=687&postcount=11
Well thank you very, very much, this worked!!! And I would never have figured it out! I am very relieved I was down to the last few hairs on my head, but it was also a good learning process. Now if you have the time.... I am going to assume that ISPconfig uses an ftp server it calls "ftp" and therefore this pam file needed to have the same name, does it kind of piggy back on proftp?? Can you let me know if I have the correct thought process here? Once again thanks!
