user FTP not working, anonymous is

[brileigh]

I have set up a Fedora 4 server with the HowToForge Perfect setup guides and have also installed ISPConfig.

After creating a site, and creating a user/email within that site (ie not a customer but a site user), I find that I can log into to FTP from WebFTP as the user, but not from an external host on the same network, with a traditional ftp client. I do not have any firewalling on that machine plus is I set it to accept Anonymous connections it makes the connection, so network connectivity etc is not an issue.

Are there any tricks or traps that I might have stumbled into? Or areas I should specifically check?


Many thanks
Brian

[till]

Quote:

Originally Posted by brileigh

I have set up a Fedora 4 server with the HowToForge Perfect setup guides and have also installed ISPConfig.

After creating a site, and creating a user/email within that site (ie not a customer but a site user), I find that I can log into to FTP from WebFTP as the user, but not from an external host on the same network, with a traditional ftp client. I do not have any firewalling on that machine plus is I set it to accept Anonymous connections it makes the connection, so network connectivity etc is not an issue.

Are there any tricks or traps that I might have stumbled into? Or areas I should specifically check?

Please check with the command "netstat -tap" if your ftp server is listening on all IP addresses. The WebFTP is connecting on localhost with a normal FTP connection, so you can be sure thet FTP and authentication are working on localhost (IP 127.0.0.1).

[falko]

Have a look here: http://www.howtoforge.com/forums/showthread.php?t=196

[brileigh]

Thanks for that... I had looked at that before... and the the ftp port is being serviced by proftpd

Even on the local machine where I can log into to FTP through ISPConfig's WebFTP I cannot do it from a local machine's ftp client using the same credentials.

If I set if for anonymous FTP from a remote machine then I can access it, however it opens a folder called "incoming", and that folder does not appear in the ISPConfig managed site. The only reference I can find to that folder anywhere on the machine is in the folder /var/spool/postfix/incoming, but curiously if I create a folder in there it does not show up on the remote ftp client. The incomg folder seems to be being magicked out of nowhere...

Being able to access something (whatever it is) as the anonymous userseems to me to prove that it is not a firewall issue, and that it is a user rights issue. I have checked the /etc/passwd and when I do not have anonymous FTP turned on, then I just have the one user web1_xx and if I have anonymous turned on then I have the above user plus web1_anonftp.

I have checked the web1_xx rights and the group web1...

I am really lost, and the anonymous user "incoming" folder showing up on remote ftp clients has me quite confused...

Thanks
Brian

[till]

As you are using FC4 you should have a look at the link falko posted above, it might be a pam configuration problem.

[brileigh]

Hi,

I have looked at that and yes it is FC4, however I am not sure how that forum link helps, as it details the problem which is the same as I am having, but there is no discussion about the PAM authentication in that item.

What is the PAM issue that needs to be addressed...

Many thanks for everyone's assistance too...

Regards
Brian

[falko]

Have a look at page 2 of that thread...

[brileigh]

Doh... page 2....

That excited me, until I got to the part of finding a /etc/pam.d/ftp file with the following already in it.

#%PAM-1.0
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_uni.so

Have I missed something? By the way, this was already created and this was an fc4 install.

Thanks for all your assistance Falko... I really have appreciated your HowTo's and thanks for the assistance with this problem. I am relatively new to the Linux world, having been entrenched in the DOS/Windows/Netware world for many years, and my only foray's into Linux have been setting up boxex for things like routing, small samba boxes etc, which once they are set up never seem to even need much touching again. I have been active as contributors to other OS and product forums, and I hope that my Linux skills will improve enough to the point where I can contribute back to the Linux world where I am finding so many capable people willing to help me get my footing.

Many thanks
Brian

[falko]

Quote:

Originally Posted by brileigh

Doh... page 2....

That excited me, until I got to the part of finding a /etc/pam.d/ftp file with the following already in it.

#%PAM-1.0
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_uni.so

Have I missed something? By the way, this was already created and this was an fc4 install.

You mean it's still not working?

[brileigh]

still not working :-(