I have installed proftpd on my debian 4.0 server. I have modified the proftpd.conf file so that there is a statement for AuthUserFile, which points to a valid file. The file is configured per the proftpd specs, however the user that I have placed in this file is not able to log-in to the server. What could I be doing wrong?
AuthUserFile is of the format: username:passwd:999:1002:www:/var/www:/bin/bash
-
The entry looks okay to me. Are there any errors in /var/log/proftpd/auth.log?
I found it easier to debug proftpd by stopping the proftpd service and running in the foreground using
proftpd -d 10(Perhaps not 10, 5 should be ample, see
man proftpdfor options)Then try connecting and see what errors you get.
dirknibleck : I checked var/log/proftpd/auth.log and it has the following errors: Aug 17 19:25:54 domain proftpd[13964] domain (IP[IP]): FTP session opened. Aug 17 19:26:10 domain proftpd[13964] domain (IP[IP]): PAM(myuser): User not known to the underlying authentication module. Aug 17 19:26:10 domain proftpd[13964] domain (IP[IP]): USER myuser (Login failed): Incorrect password.dirknibleck : I had entered the correct password. Here is what I think is pertinent from the log... dispatching auth request "getpwnam" to module mod_auth_file mod_auth_file/0.8.3: using passwd file '/etc/proftpd/authfiles/passwd' stashed module 'mod_auth_file.c' for user 'myuser' in the authcache retrieved UID 999 for user 'myuser' dispatching auth request "gid2name" to module mod_radius dispatching auth request "gid2name" to module mod_ldap dispatching auth request "gid2name" to module mod_sql dispatching auth request "gid2name" to module mod_auth_filedirknibleck : dispatching auth request "gid2name" to module mod_auth_unix using module 'mod_auth_pam.c' to authenticate user 'myuser' dispatching auth request "auth" to module mod_auth_pam ROOT PRIVS at mod_auth_pam.c:264 PAM(myuser): User not known to the underlying authentication module. RELINQUISH PRIVS at mod_auth_pam.c:423 using module 'mod_auth_file.c' from authcache to authenticate user 'myuser' dispatching auth request "auth" to module mod_auth_file mod_auth_file/0.8.3: using passwd file '/etc/proftpd/authfiles/passwd'dirknibleck : using module 'mod_auth_pam.c' to authenticate user 'myuser' using module 'mod_auth_file.c' from authcache to authenticate user 'myuser' dispatching auth request "check" to module mod_auth_file USER myuser (Login failed): Incorrect password.Richard Holloway : Can you post back the AuthOrder from your proftpd.conf file? Also do any authentication methods work? For example can you login using your normal Linux account? Can you rule out firewall problems (for example turn of firewall and try again)?dirknibleck : AuthOrder mod_auth_file.c Yes, I can login with my normal Linux account. It authenticates.From Richard Holloway -
It might be helpful to turn off checking of the legacy ftpusers file using the following Directive:
UseFtpUsers offBy default, the UseFtpUsers directive is On
dirknibleck : I put this in place - no go. I noticed a line in proftpd.conf: Include /etc/proftpd/modules.conf It does not have mod_auth_file.c listed in the file, nor does mod_auth_file.c exist in /usr/lib/proftpd It is supposed to be compiled by default, according to the documentation - http://www.proftpd.org/docs/modules/mod_auth_file.html Should I be reinstalling?avggeek : Can you execute the command "proftpd -vv" and post the output here? I believe that modules listed as "compiled by default" are statically loaded in the main executable, rather than as a DSO.From avggeek -
Sorry, I registered an account, so this appears elsewhere...
avggeek - when I run proftpd -vv, I get:
$ proftpd -vv -bash: proftpd: command not found
or
$ sudo /etc/init.d/proftpd start -vv Starting ftp server: proftpd.
avggeek : You can try executing the following command - sudo which -a proftpd to locate where the proftpd executable is stored. That said, the command sudo proftpd -vv probably will give an error (atleast it does in Debian Lenny). You can try /path/to/proftpd -vv instead, this should work without sudo.From Paul Shipman
0 comments:
Post a Comment