| View previous topic :: View next topic |
| Author |
Message |
Highlands
Guru
Joined: 22 Apr 2003
Posts: 366
Location: Sundsvall, Sweden
|
 Posted: Sun Feb 27, 2005 7:47 pm Post subject: vsFTPd and PAM |
 |
|
I can't get my local users to log in
I get this in my log-file
| Code: | Feb 27 21:38:24 [xinetd] START: ftp pid=16689 from=192.168.1.4
Feb 27 21:38:26 [vsftpd] PAM-listfile: Refused user root for service vsftpd
Feb 27 21:38:29 [xinetd] EXIT: ftp pid=16689 duration=5(sec)
|
What is wrong?
_________________
If Windows is the answer, you don't understand the question!
http://counter.li.org/cgi-bin/certificate.cgi/339446 |
|
| Back to top |
|
 |
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Sun Feb 27, 2005 7:57 pm Post subject: |
|
|
| IIRC you cannot login as root in default vsftpd configuration and this must be explicitly allowed, which is not a good idea anyway. Don´t test with root account! |
|
| Back to top |
|
|
Highlands
Guru
Joined: 22 Apr 2003
Posts: 366
Location: Sundsvall, Sweden
|
| Posted: Sun Feb 27, 2005 8:12 pm Post subject: |
|
|
| Code: | Feb 27 22:12:22 [xinetd] START: ftp pid=25827 from=192.168.1.10
Feb 27 22:12:22 [vsftpd] PAM-listfile: Refused user www for service vsftpd
Feb 27 22:12:24 [xinetd] EXIT: ftp pid=25827 duration=2(sec)
|
_________________
If Windows is the answer, you don't understand the question!
http://counter.li.org/cgi-bin/certificate.cgi/339446 |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Sun Feb 27, 2005 8:13 pm Post subject: |
|
|
OMG! Test with real user, not www or any other system/root accounts.  |
|
| Back to top |
|
|
Highlands
Guru
Joined: 22 Apr 2003
Posts: 366
Location: Sundsvall, Sweden
|
| Posted: Sun Feb 27, 2005 9:31 pm Post subject: |
|
|
It seems that the users with a /bin/false shell doesn't log in...
I have removed the line: | Code: | | #auth required /lib/security/pam_shells.so |
without any success
any cloues?
_________________
If Windows is the answer, you don't understand the question!
http://counter.li.org/cgi-bin/certificate.cgi/339446 |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Sun Feb 27, 2005 9:33 pm Post subject: |
|
|
Users with /bin/false are not normal users. Why on earth don´t you create a normal vanilla test user account? Don´t you have any real users on your system? Why are you setting up an FTP server then   |
|
| Back to top |
|
|
Highlands
Guru
Joined: 22 Apr 2003
Posts: 366
Location: Sundsvall, Sweden
|
| Posted: Sun Feb 27, 2005 10:02 pm Post subject: |
|
|
it works with my normal shell user but this user with /bin/false as shell
Because i need this user to access the /var/www/localhost/htdocs to have FTP access to my homepage
_________________
If Windows is the answer, you don't understand the question!
http://counter.li.org/cgi-bin/certificate.cgi/339446 |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Sun Feb 27, 2005 10:05 pm Post subject: |
|
|
| Highlands wrote: |
Because i need this user to access the /var/www/localhost/htdocs to have FTP access to my homepage |
So set /var/www/localhost/htdocs as his home directory, use chroot_local_user=YES and give him normal shell.  |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Sun Feb 27, 2005 10:16 pm Post subject: |
|
|
And my last idea:
| Code: |
echo "/bin/false" >> /etc/shells
|
|
|
| Back to top |
|
|
Highlands
Guru
Joined: 22 Apr 2003
Posts: 366
Location: Sundsvall, Sweden
|
| Posted: Mon Feb 28, 2005 8:43 am Post subject: |
|
|
/etc/passwd
| Code: | | www:x:1001:81::/var/www/localhost/htdocs:/bin/bash |
/etv/vsftpd/vsftpd.conf
| Code: | chroot_local_user=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
connect_from_port_20=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd/vsftpd.log
nopriv_user=nobody
|
I can't find the problem
_________________
If Windows is the answer, you don't understand the question!
http://counter.li.org/cgi-bin/certificate.cgi/339446 |
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Mon Feb 28, 2005 9:51 am Post subject: |
|
|
| What are the permissions for /var/www/localhost/htdocs |
|
| Back to top |
|
|
Highlands
Guru
Joined: 22 Apr 2003
Posts: 366
Location: Sundsvall, Sweden
|
|
| Back to top |
|
|
j-m
Retired Dev
Joined: 31 Oct 2004
Posts: 975
|
| Posted: Mon Feb 28, 2005 3:50 pm Post subject: |
|
|
| OK, maybe vsftpd is so very secure that it won´t let you log in, maybe it does not like user "www", I don´t know. I am using pureftpd and have never had such obscure problems. Sorry I could not help. |
|
| Back to top |
|
|
|
Networking & Security
