Problems authenticating pureftp via ssh


vmos2
29th November 2008, 02:08
I'm trying to get ftp working over ssh using the instructions from the pure ftp site

useradd -u ftpuser -g ftpuser -d /dev/null -s /usr/bin/false customer2
pure-pw useradd customer2 -m -d /home/customer2 -u ftpuser -r 127.0.0.1/32

On this setup, both the ftpuser and group ids are called ftpuser. When I try to run the above command, it complains about user id not being a numerical value, so I changed the line to

useradd -u 1000 -g ftpuser -d /dev/null -s /usr/bin/false customer2

and it accepts that. Here's what pure-pw show customer2 /etc/pure-ftpd/pureftpd.passwd shows:

Login : customer2
Password : $1$U/k6JjO0$CWo1z1oTbYBwe4MdvFdnW.
UID : 5008 (ftpuser)
GID : 1000 (ftpuser)
Directory : /home/healthup/./
Full name :
Download bandwidth : 0 Kb (unlimited)
Upload bandwidth : 0 Kb (unlimited)
Max files : 0 (unlimited)
Max size : 0 Mb (unlimited)
Ratio : 0:0 (unlimited:unlimited)
Allowed local IPs :
Denied local IPs :
Allowed client IPs : 127.0.0.1/32
Denied client IPs :
Time restrictions : 0000-0000 (unlimited)
Max sim sessions : 0 (unlimited)


I've already got pure ftp working without ssh using mysql, I've added the user into allowedUsers in sshd.conf, I've added /usr/bin/false into etc/shells, I've restarted everything, but I keep getting this in auth.log:


Nov 28 23:34:52 serv1 sshd[3304]: error: PAM: Authentication failure for illegal user customer2 from <my network ID>
Nov 28 23:34:52 serv1 sshd[3304]: Failed keyboard-interactive/pam for illegal user customer2 from <MY IP ADDRESS> port 1960 ssh2


And maybe it's just too late in the day, but I'm a bit stuck now. Any ideas?

BTW, I'm using Debian sarge, and for ftp client I've tried SecureFX and FileZilla.


But then when I restart SSH and try to log in, I get these errors:

Nov 28 23:54:23 serv1 sshd[11504]: User customer2 not allowed because shell /usr/bin/false does not exist
Nov 28 23:54:27 serv1 sshd[11504]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<my network ID> user=customer2
Nov 28 23:54:29 serv1 sshd[11504]: error: PAM: Authentication failure for illegal user customer2 from <my network ID>
Nov 28 23:54:29 serv1 sshd[11504]: Failed keyboard-interactive/pam for illegal user customer2 from <MY IP ADDRESS> port 2020 ssh2

I'm even more confused.

falko
29th November 2008, 19:51
Please change the shell of customer2 from /usr/bin/false to /bin/false in /etc/passwd.
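
An added example, not part of the original thread: a shell function that reports accounts whose login shell is missing or not executable (the condition behind the "shell /usr/bin/false does not exist" log line above) and whether that shell is listed in the shells file. The function names audit_shells and demo, the ROOT prefix argument and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# audit_shells PASSWD SHELLS [ROOT]
#   PASSWD  passwd(5)-format file to audit
#   SHELLS  shells(5)-format file (one shell path per line)
#   ROOT    optional prefix prepended to shell paths, so the check can be
#           run against a constructed tree instead of the live system
# Prints "user shell STATUS" per account:
#   MISSING   shell is not an existing, executable regular file
#   UNLISTED  shell exists but is not a line in SHELLS
#   OK        shell exists and is listed
audit_shells() {
    passwd_file=$1; shells_file=$2; root=${3:-}
    while IFS=: read -r user _pw _uid _gid _gecos _home shell; do
        case $user in ''|\#*) continue ;; esac
        # An empty shell field means /bin/sh (passwd(5)).
        [ -n "$shell" ] || shell=/bin/sh
        if [ ! -f "$root$shell" ] || [ ! -x "$root$shell" ]; then
            status=MISSING
        elif ! grep -qxF -- "$shell" "$shells_file"; then
            status=UNLISTED
        else
            status=OK
        fi
        printf '%s %s %s\n' "$user" "$shell" "$status"
    done < "$passwd_file"
}

# Constructed sample mirroring the thread: customer2 points at /usr/bin/false,
# which is absent from the sample tree even though the shells file lists it;
# only /bin/false and /bin/true exist there. customer3 and customer4 are
# made-up accounts for comparison.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/bin"
    for s in false true; do
        printf '#!/bin/sh\nexit 1\n' > "$t/bin/$s"
        chmod 755 "$t/bin/$s"
    done
    printf '%s\n' 'customer2:x:1000:1000::/dev/null:/usr/bin/false' \
                  'customer3:x:1001:1000::/dev/null:/bin/false' \
                  'customer4:x:1002:1000::/dev/null:/bin/true' > "$t/passwd"
    printf '%s\n' '/bin/sh' '/bin/false' '/usr/bin/false' > "$t/shells"
    audit_shells "$t/passwd" "$t/shells" "$t"
    rm -rf "$t"
}

demo
```

On a live system the call would be audit_shells /etc/passwd /etc/shells with no third argument.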

vmos2
30th November 2008, 15:10
Thank you very much, that's got rid of all the errors. However, I get this when I try to log in with SecureFX or FileZilla:

Nov 30 13:01:12 serv1 sshd[30096]: Accepted keyboard-interactive/pam for customer2 from <MY IP ADDRESS> port 3165 ssh2
Nov 30 13:01:12 serv1 sshd[30100]: (pam_unix) session opened for user customer2 by (uid=0)
Nov 30 13:01:12 serv1 sshd[30100]: subsystem request for sftp
Nov 30 13:01:12 serv1 sshd[30100]: (pam_unix) session closed for user customer2


Now what's confusing me about this is that even though in FileZilla I specify port 22, it comes up as 3165 or some similar number here. Or is it meant to be doing that?

falko
1st December 2008, 17:31
Yes, that's no problem.

vmos2
12th December 2008, 12:04
Thanks for that, I've only just been able to get back to this issue this morning. Do you have any idea why the sftp session won't stay open?

falko
13th December 2008, 18:48
Sounds like a timeout problem. You can configure your SFTP client to send pings every 30 seconds or so, so that the connection stays open.