I have set up a Fedora 4 server with the HowToForge Perfect setup guides and have also installed ISPConfig. After creating a site, and creating a user/email within that site (ie not a customer but a site user), I find that I can log into to FTP from WebFTP as the user, but not from an external host on the same network, with a traditional ftp client. I do not have any firewalling on that machine plus is I set it to accept Anonymous connections it makes the connection, so network connectivity etc is not an issue. Are there any tricks or traps that I might have stumbled into? Or areas I should specifically check? Many thanks Brian
Please check with the command "netstat -tap" if your ftp server is listening on all IP addresses. The WebFTP is connecting on localhost with a normal FTP connection, so you can be sure thet FTP and authentication are working on localhost (IP 127.0.0.1).
Thanks for that... I had looked at that before... and the the ftp port is being serviced by proftpd Even on the local machine where I can log into to FTP through ISPConfig's WebFTP I cannot do it from a local machine's ftp client using the same credentials. If I set if for anonymous FTP from a remote machine then I can access it, however it opens a folder called "incoming", and that folder does not appear in the ISPConfig managed site. The only reference I can find to that folder anywhere on the machine is in the folder /var/spool/postfix/incoming, but curiously if I create a folder in there it does not show up on the remote ftp client. The incomg folder seems to be being magicked out of nowhere... Being able to access something (whatever it is) as the anonymous userseems to me to prove that it is not a firewall issue, and that it is a user rights issue. I have checked the /etc/passwd and when I do not have anonymous FTP turned on, then I just have the one user web1_xx and if I have anonymous turned on then I have the above user plus web1_anonftp. I have checked the web1_xx rights and the group web1... I am really lost, and the anonymous user "incoming" folder showing up on remote ftp clients has me quite confused... Thanks Brian
As you are using FC4 you should have a look at the link falko posted above, it might be a pam configuration problem.
Hi, I have looked at that and yes it is FC4, however I am not sure how that forum link helps, as it details the problem which is the same as I am having, but there is no discussion about the PAM authentication in that item. What is the PAM issue that needs to be addressed... Many thanks for everyone's assistance too... Regards Brian
Doh... page 2.... That excited me, until I got to the part of finding a /etc/pam.d/ftp file with the following already in it. #%PAM-1.0 auth required pam_unix.so nullok account required pam_unix.so session required pam_uni.so Have I missed something? By the way, this was already created and this was an fc4 install. Thanks for all your assistance Falko... I really have appreciated your HowTo's and thanks for the assistance with this problem. I am relatively new to the Linux world, having been entrenched in the DOS/Windows/Netware world for many years, and my only foray's into Linux have been setting up boxex for things like routing, small samba boxes etc, which once they are set up never seem to even need much touching again. I have been active as contributors to other OS and product forums, and I hope that my Linux skills will improve enough to the point where I can contribute back to the Linux world where I am finding so many capable people willing to help me get my footing. Many thanks Brian
Regretably I did not try the FTP server before I installed ISPConfig... so perhaps it is to do with ProFTP, although I can use WebFTP which I guess is just using the services of ProFTP...
Oh yeah and one other point... I installed WebMin... and when I look at the System - Users & Groups - web1_dp it shows under passwords that it is a pre-encrypted password. I tried changing it to a normal password but it keeps reverting back to pre-encrypted... the point of this was wondering whether it requires encrypted or clear text passwords from the client... since anonymous works (in a fashion 'coz I am lost to where this "incoming" folder is coming from), I know that the ftp server is accepting connection from remote machines, it seems very much around the authenication which is why I thought that the PAM thing may be the solution... but alas not... By the way, when I setup this box, from your (Falko's) Perfect FC4 HowTo, I set up 5 IP addresses... 192.168.1.5, .6, .7 .8, .9 I have only created one site so far "web1", and linked it to the .6 IP address. The website itself seems to be working fine. If I http://192.168.1.5 then I get the default apache site in the /var/www folder, and the http://192.168.1.6 then I get the ISP managed one. If I ftp to either the .5 or the .6 then I get the same outcome. I have tried logging in with another user I created and I get the same result on either IP. I have also tried using a DN... I have not started even thinking about the DNS server, so I have used the host files on the remote machines. Thanks Brian
Hi Falko, I now have it working... at long last... For whatever reason the /etc/pam.d/ftp file had a mistake on the session line, as you can see by one of my first posts. After tracing thru ProFTP, and PAM configuration files eventually they led back to thatfile and I noticed the mistake. I noticed that there have been a few posts about FTP and FC4 and it seems for some people the etc/pam.d/ftp hadn't been created, but in my case it had but with an error in it... very curious... Thanks for you assistance Regards Brian
