ot, please help with proftpd

Gregory Nowak greg at romuald.net.eu.org
Mon Jun 7 03:59:57 EDT 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi folks,

I've been banging my head against the wall on this for quite a few
hours now, and it's really starting to aggravate me at this point, so
I'm really hoping someone can help.

I'm trying to setup something fairly simple in proftpd. I'm wanting to
setup an account, for which a username, and password are required to
login. I'll first provide the relevant section of /proftpd.conf, and
then will describe what the problem is:

- ---begin proftpd.conf section---

<Anonymous ~ftp/user_dir>

AuthUsingAlias on
AuthAliasOnly on
UserAlias user_name ftp
UserPassword user_name user_password_run_through_crypt
AnonRequirePassword on

   # Allow logins if they are disabled above.
  <Limit LOGIN>
 order allow,deny
AllowUser user_name
DenyAll
  </Limit>

  RequireValidShell             off
  User                          ftp
  Group                         nogroup

- ---snip---

</Anonymous>

- ---end proftpd.conf section---

However, I can't login:

331 Password required for user_name
Password:
530 Login incorrect.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.

In proftpd.log, I see:

ANON user_name (Login failed): Limit access denies login.

I've also tried commenting out AuthAliasOnly in proftpd.conf, and
changing the login limit to say:

<Limit LOGIN>
 order allow,deny
AllowUser ftp
DenyAll
  </Limit>

and the login results are the same. In the logs though, I see:

USER ftp (Login failed): No such user found.

I suspect this is a PAM issue, and I don't really know of a way to get
around it, well, I do actually, but I don't like it. The only way I
know to get around this, is to add an extra ip to the server's
network interface, and setup a separate virtualhost in proftpd using
that ip, which would have AuthPAM set to off, and that should do
it. However, I really don't want to add another class C IP to my
network interface, and then deal with routing, to make sure it's
accessible from the outside.

So, does anyone else have another way around this problem, or is PAM
not the issue here, and I screwed up somewhere in the config? Thanks
in advance for any help.

Greg


- -- 
web site: http://www.romuald.net.eu.org
gpg public key: http://www.romuald.net.eu.org/pubkey.asc
skype: gregn1
(authorization required, add me to your contacts list first)

- --
Free domains: http://www.eu.org/ or mail dns-manager at EU.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkwMpv0ACgkQ7s9z/XlyUyBQSgCfbEWBs4pB2PAPrp8kWUibOnUb
QhgAnj7ennZTl6EBJiI9vxHXGAR8Sbl6
=BOhG
-----END PGP SIGNATURE-----

More information about the Speakup mailing list