Sorry for opening a thread on this, but solution I tried for 2 hours did not work. If find the following errors while trying to log in with FTP: Code: Sep 20 12:55:59 aerotronicvds proftpd[9079]: localhost.localdomain (::ffff:130.89.137.92[::ffff:130.89.137.92]) - FTP session opened. Sep 20 12:55:59 aerotronicvds proftpd: PAM-listfile: Refused user ***user*** for service proftpd Sep 20 12:55:59 aerotronicvds proftpd(pam_unix)[9079]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=::ffff:130.89.137.92 user=***user*** Sep 20 12:56:01 aerotronicvds proftpd[9079]: localhost.localdomain (::ffff:130.89.137.92[::ffff:130.89.137.92]) - PAM(***user***): Authentication failure. Sep 20 12:57:28 aerotronicvds proftpd[9145]: localhost.localdomain (::ffff:130.89.137.92[::ffff:130.89.137.92]) - FTP session opened. Sep 20 12:57:28 aerotronicvds proftpd: PAM-listfile: Refused user ***user*** for service proftpd Sep 20 12:57:30 aerotronicvds proftpd[9145]: localhost.localdomain I have followed: http://www.howtoforge.com/perfect_setup_centos_4.4_p6 So /etc/pam.d/ftp is as should passwd: ***user***:x:10018:10002: *** Information:/var/www/web2/:/dev/null Also tried: ***user***:x:10018:10002: *** Information:/var/www/web2/./:/bin/false ***user***:x:10018:10002: *** Information:/var/www/web2/./:/etc/shell Also changed the owner of the files, but that's not where the problem lies. No luck. I think I better send proftpd.conf per PM. Thanks so much in advance for your help! Aldert
Code: # This is the ProFTPD configuration file # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $ ServerName "ProFTPD server" ServerIdent on "FTP Server ready." ServerAdmin root@localhost ServerType standalone #ServerType inetd DefaultServer on AccessGrantMsg "User %u logged in." #DisplayConnect /etc/ftpissue #DisplayLogin /etc/ftpmotd #DisplayGoAway /etc/ftpgoaway DeferWelcome off # Use this to excude users from the chroot DefaultRoot ~ !adm # Use pam to authenticate (default) and be authoritative AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c # Do not perform ident nor DNS lookups (hangs when the port is filtered) IdentLookups off UseReverseDNS off # Port 21 is the standard FTP port. Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # Default to show dot files in directory listings ListOptions "-a" # See Configuration.html for these (here are the default values) #MultilineRFC2228 off #RootLogin off #LoginPasswordPrompt on #MaxLoginAttempts 3 #MaxClientsPerHost none #AllowForeignAddress off # For FXP # Allow to resume not only the downloads but the uploads too AllowRetrieveRestart on AllowStoreRestart on # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 20 # Set the user and group that the server normally runs at. User nobody Group nobody # Disable sendfile by default since it breaks displaying the download speeds in # ftptop and ftpwho UseSendfile no # This is where we want to put the pid file ScoreboardFile /var/run/proftpd.score # Normally, we want users to do a few things. <Global> AllowOverwrite yes <Limit ALL SITE_CHMOD> AllowAll </Limit> </Global> # Define the log formats LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" # TLS # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html #TLSEngine on #TLSRequired on #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem #TLSCipherSuite ALL:!ADH:!DES #TLSOptions NoCertRequest #TLSVerifyClient off ##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 #TLSLog /var/log/proftpd/tls.log # SQL authentication Dynamic Shared Object (DSO) loading # See README.DSO and howto/DSO.html for more details. #<IfModule mod_dso.c> # LoadModule mod_sql.c # LoadModule mod_sql_mysql.c # LoadModule mod_sql_postgres.c #</IfModule> # A basic anonymous configuration, with an upload directory. #<Anonymous ~ftp> # User ftp # Group ftp # AccessGrantMsg "Anonymous login ok, restrictions apply." # # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # # Limit the maximum number of anonymous logins # MaxClients 10 "Sorry, max %m users -- try again later" # # # Put the user into /pub right after login # #DefaultChdir /pub # # # We want 'welcome.msg' displayed at login, '.message' displayed in # # each newly chdired directory and tell users to read README* files. # DisplayLogin /welcome.msg # DisplayFirstChdir .message # DisplayReadme README* # # # Some more cosmetic and not vital stuff # DirFakeUser on ftp # DirFakeGroup on ftp # # # Limit WRITE everywhere in the anonymous chroot # <Limit WRITE SITE_CHMOD> # DenyAll # </Limit> # # # An upload directory that allows storing files but not retrieving # # or creating directories. # <Directory uploads/*> # AllowOverwrite no # <Limit READ> # DenyAll # </Limit> # # <Limit STOR> # AllowAll # </Limit> # </Directory> # # # Don't write anonymous accesses to the system wtmp file (good idea!) # WtmpLog off # # # Logging for the anonymous transfers # ExtendedLog /var/log/proftpd/access.log WRITE,READ default # ExtendedLog /var/log/proftpd/auth.log AUTH auth # #</Anonymous> DefaultRoot ~ Include /etc/proftpd_ispconfig.conf There you go, thanks in advance (what is you PP account? ;-))
Can you comment out these two lines and restart ProFTPd? Code: AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c Does it work then?
Hi Falko, Thanks for your time, it works better now: Code: Sep 22 15:05:34 aerotronicvds proftpd: proftpd shutdown succeeded Sep 22 15:05:35 aerotronicvds proftpd: - setting default address to 127.0.0.1 Sep 22 15:05:35 aerotronicvds proftpd[24024]: localhost.localdomain - error setting IPV6_V6ONLY: Protocol not available Sep 22 15:05:35 aerotronicvds proftpd[24024]: localhost.localdomain - ProFTPD 1.3.0 (stable) (built Wed Sep 13 17:13:34 EDT 2006) standalone mode STARTUP Sep 22 15:05:35 aerotronicvds proftpd: proftpd startup succeeded Sep 22 15:06:03 aerotronicvds proftpd[24033]: localhost.localdomain (::ffff:82.92.***.***[::ffff:82.92.***.***]) - FTP session opened. Sep 22 15:06:03 aerotronicvds ftp(pam_unix)[24033]: session opened for user ***user*** by (uid=0) Sep 22 15:06:03 aerotronicvds ftp(pam_unix)[24033]: session closed for user ***user*** But other options of different topics don’t work (using web2_username does not work, passive mode does not work, firewall port 21 is open, proftpd is listening right, also web-ftp of ispconfig does not work) Code: Sep 22 15:24:59 aerotronicvds proftpd[24634]: localhost.localdomain (::ffff:82.92.***.***[::ffff:82.92.***.***]) - FTP session opened. Sep 22 15:24:59 aerotronicvds proftpd[24634]: localhost.localdomain (::ffff:82.92.***.***[::ffff:82.92.***.***]) - no such user 'web2_***user***' Sep 22 15:25:04 aerotronicvds proftpd[24637]: localhost.localdomain (::ffff:82.92.***.***[::ffff:82.92.***.***]) - FTP session opened. Sep 22 15:25:04 aerotronicvds proftpd[24637]: localhost.localdomain (::ffff:82.92.***.***[::ffff:82.92.***.***]) - no such user 'web2_***user***' Sep 22 15:30:01 aerotronicvds proftpd[24905]: localhost.localdomain (::ffff:127.0.0.1[::ffff:127.0.0.1]) - FTP session opened. Sep 22 15:30:01 aerotronicvds proftpd[24905]: localhost.localdomain (::ffff:127.0.0.1[::ffff:127.0.0.1]) - FTP session closed. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:ftp *:* LISTEN 24024/proftpd: (acc There is also a problem with a double userId for that user (id ***user*** gives dkfilter), but another user that has a unique id can’t login also. Also: Code: -bash-3.00# proftpd -t Checking syntax of configuration file - setting default address to 127.0.0.1 Syntax check complete. I have no idea anymore…
Can you check that your user is existing in /etc/passwd, and that there are only unique user IDs in /etc/passwd?
It appeared that the user was accidentally in ftpusers, so that it's conn. was refused ;-) Afterwards I was having problems with 'directory listing', but that could be solved with passive connection. Thanks for your time!
