ot, please help with proftpd

Trevor Astrope astrope at tabbweb.com
Mon Jun 7 09:26:42 EDT 2010


I use the same setup without the UserPassword. Not sure if that is your 
problem, but test it by commenting out UserPassword and use a valid 
username that is an account on the system.

I also have this set:


# Use pam to authenticate (default) and be authoritative
AuthPAMConfig                   proftpd
AuthOrder                       mod_auth_pam.c* mod_auth_unix.c

Here is my /etc/pam.d/proftpd:

#%PAM-1.0
auth       required     pam_listfile.so item=user sense=deny 
file=/etc/ftpusers$
auth       required     pam_stack.so service=system-auth
auth       required     pam_shells.so
account    required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth



On Mon, 7 Jun 2010, Gregory Nowak wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi folks,
>
> I've been banging my head against the wall on this for quite a few
> hours now, and it's really starting to aggravate me at this point, so
> I'm really hoping someone can help.
>
> I'm trying to setup something fairly simple in proftpd. I'm wanting to
> setup an account, for which a username, and password are required to
> login. I'll first provide the relevant section of /proftpd.conf, and
> then will describe what the problem is:
>
> - ---begin proftpd.conf section---
>
> <Anonymous ~ftp/user_dir>
>
> AuthUsingAlias on
> AuthAliasOnly on
> UserAlias user_name ftp
> UserPassword user_name user_password_run_through_crypt
> AnonRequirePassword on
>
>   # Allow logins if they are disabled above.
>  <Limit LOGIN>
> order allow,deny
> AllowUser user_name
> DenyAll
>  </Limit>
>
>  RequireValidShell             off
>  User                          ftp
>  Group                         nogroup
>
> - ---snip---
>
> </Anonymous>
>
> - ---end proftpd.conf section---
>
> However, I can't login:
>
> 331 Password required for user_name
> Password:
> 530 Login incorrect.
> Login failed.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp> quit
> 221 Goodbye.
>
> In proftpd.log, I see:
>
> ANON user_name (Login failed): Limit access denies login.
>
> I've also tried commenting out AuthAliasOnly in proftpd.conf, and
> changing the login limit to say:
>
> <Limit LOGIN>
> order allow,deny
> AllowUser ftp
> DenyAll
>  </Limit>
>
> and the login results are the same. In the logs though, I see:
>
> USER ftp (Login failed): No such user found.
>
> I suspect this is a PAM issue, and I don't really know of a way to get
> around it, well, I do actually, but I don't like it. The only way I
> know to get around this, is to add an extra ip to the server's
> network interface, and setup a separate virtualhost in proftpd using
> that ip, which would have AuthPAM set to off, and that should do
> it. However, I really don't want to add another class C IP to my
> network interface, and then deal with routing, to make sure it's
> accessible from the outside.
>
> So, does anyone else have another way around this problem, or is PAM
> not the issue here, and I screwed up somewhere in the config? Thanks
> in advance for any help.
>
> Greg
>
>
> - --
> web site: http://www.romuald.net.eu.org
> gpg public key: http://www.romuald.net.eu.org/pubkey.asc
> skype: gregn1
> (authorization required, add me to your contacts list first)
>
> - --
> Free domains: http://www.eu.org/ or mail dns-manager at EU.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEARECAAYFAkwMpv0ACgkQ7s9z/XlyUyBQSgCfbEWBs4pB2PAPrp8kWUibOnUb
> QhgAnj7ennZTl6EBJiI9vxHXGAR8Sbl6
> =BOhG
> -----END PGP SIGNATURE-----
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>



More information about the Speakup mailing list