I know there was a recently opened thread about this, but it did not seem to cover my problem, and I didn't want to hijack someones thread. I also receive a 530 Error when trying to connect via FTP using an account I created in ISPConfig 3. MySQL server is running properly and FTPd seems to be connecting to it properly (no errors generated). So, I have a client named "remarx" with an ftp account "ftp" ... so the username is "remarx_ftp" - still unable to login with it. Verified password and database entry. All look fine. Syslog only says: Code: Mar 24 06:39:50 dedi144 pure-ftpd: ([email protected]) [INFO] New connection from 24.129.83.69 Mar 24 06:39:50 dedi144 pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [remarx_ftp] Mar 24 06:39:54 dedi144 pure-ftpd: ([email protected]) [INFO] Logout. pureftpd.log is empty. I've turned on verbose logging to no avail. pureftpd.log is still empty. I've also (just to ease my own mind) verified the SQL statements and settings in pureftpd-mysql.conf and all look good. So, I'm at a loss with it. Any ideas?
The problem that you have can also be caused by failing DNS lookups. Please disable dns resolving by settimg: DontResolve yes in the pure-ftpd.conf and then restart pure-ftpd.
This was already done in the pure-ftpd.conf file when the fiasco started. Here is my pure-ftpd.conf Code: # Cage in every user in his home directory ChrootEveryone yes # If the previous option is set to "no", members of the following group # won't be caged. Others will be. If you don't want chroot()ing anyone, # just comment out ChrootEveryone and TrustedGID. # TrustedGID 100 # Turn on compatibility hacks for broken clients BrokenClientsCompatibility no # Maximum number of simultaneous users MaxClientsNumber 50 # Fork in background Daemonize yes # Maximum number of sim clients with the same IP address MaxClientsPerIP 8 # If you want to log all client commands, set this to "yes". # This directive can be duplicated to also log server responses. VerboseLog yes # List dot-files even when the client doesn't send "-a". DisplayDotFiles yes # Don't allow authenticated users - have a public anonymous FTP only. AnonymousOnly no # Disallow anonymous connections. Only allow authenticated users. NoAnonymous yes # Syslog facility (auth, authpriv, daemon, ftp, security, user, local*) # The default facility is "ftp". "none" disables logging. SyslogFacility ftp # Don't resolve host names in log files. Logs are less verbose, but # it uses less bandwidth. Set this to "yes" on very busy servers or # if you don't have a working DNS. DontResolve yes # Maximum idle time in minutes (default = 15 minutes) MaxIdleTime 15 # MySQL configuration file (see README.MySQL) MySQLConfigFile /etc/pure-ftpd/pureftpd-mysql.conf # Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and # UnixAuthentication can be used only once, but they can be combined # together. For instance, if you use MySQLConfigFile, then UnixAuthentication, # the SQL server will be asked. If the SQL authentication fails because the # user wasn't found, another try # will be done with /etc/passwd and # /etc/shadow. If the SQL authentication fails because the password was wrong, # the authentication chain stops here. Authentication methods are chained in # the order they are given. # 'ls' recursion limits. The first argument is the maximum number of # files to be displayed. The second one is the max subdirectories depth LimitRecursion 7500 8 # Are anonymous users allowed to create new directories ? AnonymousCanCreateDirs no # If the system is more loaded than the following value, # anonymous users aren't allowed to download. MaxLoad 4 # Disallow downloading of files owned by "ftp", ie. # files that were uploaded but not validated by a local admin. AntiWarez yes # Maximum bandwidth for anonymous users in KB/s # AnonymousBandwidth 8 # Maximum bandwidth for *all* users (including anonymous) in KB/s # Use AnonymousBandwidth *or* UserBandwidth, both makes no sense. # UserBandwidth 8 # File creation mask. <umask for files>:<umask for dirs> . # 177:077 if you feel paranoid. Umask 133:022 # Minimum UID for an authenticated user to log in. MinUID 500 # Do not use the /etc/ftpusers file to disable accounts. We're already # using MinUID to block users with uid < 500 UseFtpUsers no # Allow FXP transfers for authenticated users. AllowUserFXP no # Allow anonymous FXP for anonymous and non-anonymous users. AllowAnonymousFXP no # Users can't delete/write files beginning with a dot ('.') # even if they own them. If TrustedGID is enabled, this group # will have access to dot-files, though. ProhibitDotFilesWrite no # Prohibit *reading* of files beginning with a dot (.history, .ssh...) ProhibitDotFilesRead no # Never overwrite files. When a file whoose name already exist is uploaded, # it get automatically renamed to file.1, file.2, file.3, ... AutoRename no # Disallow anonymous users to upload new files (no = upload is allowed) AnonymousCantUpload yes # Create an additional log file with transfers logged in a Apache-like format : # fw.c9x.org - jedi [13/Dec/1975:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338 # This log file can then be processed by www traffic analyzers. AltLog clf:/var/log/pureftpd.log # This option is useful with servers where anonymous upload is # allowed. As /var/ftp is in /var, it save some space and protect # the log files. When the partition is more that X percent full, # new uploads are disallowed. MaxDiskUsage 99 # Be 'customer proof' : workaround against common customer mistakes like # 'chmod 0 public_html', that are valid, but that could cause ignorant # customers to lock their files, and then keep your technical support busy # with silly issues. If you're sure all your users have some basic Unix # knowledge, this feature is useless. If you're a hosting service, enable it. CustomerProof yes
Just an update. I enabled mysql logging in my.cnf and I can see pure-ftpd running the querys: Code: 100324 19:57:14 2 Connect ispconfig@localhost on dbispconfig 2 Query set autocommit=0 2 Query SELECT password FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp" 2 Query SELECT uid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp" 2 Query SELECT gid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp" 2 Query SELECT dir FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp" 2 Query COMMIT 2 Quit I ran them in mysql as the ispconfig user and they produce the correct output: Code: [root@dedi144 ~]# mysql -u ispconfig -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 6 Server version: 5.0.77-log Source distribution Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> connect Connection id: 7 Current database: *** NONE *** mysql> use dbispconfig Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> SELECT password FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp"; +----------+ | password | +----------+ | mypass | +----------+ 1 row in set (0.00 sec) mysql> SELECT uid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp"; +------+ | uid | +------+ | web1 | +------+ 1 row in set (0.00 sec) mysql> SELECT gid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp"; +---------+ | gid | +---------+ | client1 | +---------+ 1 row in set (0.00 sec) mysql> SELECT dir FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="remarx_ftp"; +-------------------------------+ | dir | +-------------------------------+ | /var/www/clients/client1/web1 | +-------------------------------+ 1 row in set (0.00 sec) So it would seem pure-ftpd is indeed using MySQL properly. Still no luck logging in though. The only thing has struck me as strange is the MinUID setting in /etc/pure-ftpd/pure-ftpd.conf - It is set to 500 and the UID on the FTP account is "web1" in the database (a nonexistent system user)
Yes, I can see the same messages in Monitor > View System-Log in ISPConfig. Nothing that really detailed the error I was having (mentioned above). What is stranger, is I switched the MYSQLEncrypt setting to 'cleartext' for testing and I still couldn't get any FTP-users authenticated using MySQL (after making the password cleartext in the database, of course). So, I changed it back to 'crypt' and recreated the FTP user, and logged in successfully..Go figure. Thanks for all the helpful hints. You are appreciated.