View Single Post
  #6  
Old 14th August 2005, 04:18
brandon brandon is offline
Junior Member
 
Join Date: Aug 2005
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default iptables listing and /var/log/secure and /var/log/messages entries

I am experiencing the same issue.
I can login to SSH from a remote system using one of the user logins, but am unable to use that same username/password pair to login to FTP remotely, but I can login with that username password locally when I connect to localhost.

Till: Regarding the question posed to Pete, here is my iptables output:

# iptables -L -t filter
Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

# iptables -L -t nat
Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain PREROUTING (policy ACCEPT)
target prot opt source destination

# iptables -L -t mangle
Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain PREROUTING (policy ACCEPT)
target prot opt source destination


This is very confusing to me. Here are the relevant messages from /var/log/secure:
Aug 13 18:58:44 webhost sshd[28692]: Accepted password for web2_brandon from REMOTEHOST port 51960 ssh2
Aug 13 19:04:05 webhost proftpd[28887]: webhost.mydomain.tld (127.0.0.1[127.0.0.1]) - USER web2_brandon: Login successful.
Aug 13 19:04:40 webhost proftpd[28900]: webhost.mydomain.tld (REMOTEHOST[REMOTEHOST]) - USER web2_brandon (Login failed): Incorrect password.


and if you can believe it, I used the same password for all three of those login attempts.

Here are some entries from /var/log/messages:

Aug 13 19:03:57 webhost proftpd[28887]: webhost.mydomain.tld (127.0.0.1[127.0.0.1]) - FTP session opened.
Aug 13 19:04:05 webhost proftpd(pam_unix)[28887]: session opened for user web2_brandon by (uid=0)
Aug 13 19:04:20 webhost proftpd[28887]: webhost.mydomain.tld (127.0.0.1[127.0.0.1]) - PAM(setcred): System error
Aug 13 19:04:20 webhost proftpd[28887]: webhost.mydomain.tld (127.0.0.1[127.0.0.1]) - PAM(close_session): System error
Aug 13 19:04:20 webhost proftpd[28887]: webhost.mydomain.tld (127.0.0.1[127.0.0.1]) - FTP session closed.
Aug 13 19:04:28 webhost sshd(pam_unix)[28695]: session closed for user web2_brandon
Aug 13 19:04:31 webhost proftpd[28900]: myHostIPAddress (REMOTEHOST[REMOTEHOST]) - FTP session opened.
Aug 13 19:04:40 webhost proftpd[28900]: myHostIPAddress (REMOTEHOST[REMOTEHOST]) - PAM(web2_brandon): Authentication failure.
Aug 13 19:09:05 webhost proftpd[28900]: myHostIPAddress (REMOTEHOST[REMOTEHOST]) - FTP login timed out, disconnected
Aug 13 19:09:05 webhost proftpd[28900]: myHostIPAddress (REMOTEHOST[REMOTEHOST]) - FTP session closed.

Last edited by brandon; 14th August 2005 at 04:26.
Reply With Quote