Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 6th September 2011, 13:03
adnese adnese is offline
Junior Member
 
Join Date: Nov 2010
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default pure-ftpd 530 Login authentication failed

Hello,

I'm having some auth issues while trying to login via ftp:

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 12:38. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
Name (e-worlds.sk:adrian): eworldsftp
331 User eworldsftp OK. Password required
Password:
530 Login authentication failed
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.


My config:

root@e-worlds:/var/log# cat /etc/default/pure-ftpd-common
# Configuration for pure-ftpd
# (this file is sourced by /bin/sh, edit accordingly)

# STANDALONE_OR_INETD
# valid values are "standalone" and "inetd".
# Any change here overrides the setting in debconf.
STANDALONE_OR_INETD=standalone

# VIRTUALCHROOT:
# whether to use binary with virtualchroot support
# valid values are "true" or "false"
# Any change here overrides the setting in debconf.
VIRTUALCHROOT=true

# UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,
# pure-uploadscript will also be run to spawn the program given below
# for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or
# pure-uploadscript(8)

# example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl
UPLOADSCRIPT=

# if set, pure-uploadscript will spawn $UPLOADSCRIPT running as the
# given uid and gid
UPLOADUID=
UPLOADGID=

pure-mysql:

##############################################
# #
# Sample Pure-FTPd Mysql configuration file. #
# See README.MySQL for explanations. #
# #
##############################################


# Optional : MySQL server name or IP. Don't define this for unix sockets.

#MYSQLServer 127.0.0.1
MYSQLServer localhost


# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort 3306


# Optional : define the location of mysql.sock if the server runs on this host.

# MYSQLSocket /var/run/mysqld/mysqld.sock


# Mandatory : user to bind the server as.

MYSQLUser ispconfig


# Mandatory : user password. You must have a password.

MYSQLPassword xxxxxxxxxxxxxxxxxxxxxxxxxxx


# Mandatory : database to open.

MYSQLDatabase dbispconfig


# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "md5" *and* "password"

MYSQLCrypt crypt


# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
#
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.
# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
#
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.


# Query to execute in order to fetch the password

MYSQLGetPW SELECT password FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Query to execute in order to fetch the system user name or uid

MYSQLGetUID SELECT uid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Optional : default UID - if set this overrides MYSQLGetUID

#MYSQLDefaultUID 1000


# Query to execute in order to fetch the system user group or gid

MYSQLGetGID SELECT gid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Optional : default GID - if set this overrides MYSQLGetGID

#MYSQLDefaultGID 1000


# Query to execute in order to fetch the home directory

MYSQLGetDir SELECT dir FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="\L"


# Optional : query to get the maximal number of files
# Pure-FTPd must have been compiled with virtual quotas support.

MySQLGetQTAFS SELECT quota_files FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_files != '-1' AND username="\L"


# Optional : query to get the maximal disk usage (virtual quotas)
# The number should be in Megabytes.
# Pure-FTPd must have been compiled with virtual quotas support.

MySQLGetQTASZ SELECT quota_size FROM ftp_user WHERE active = 'y' AND server_id = '1' AND quota_size != '-1' AND username="\L"


# Optional : ratios. The server has to be compiled with ratio support.

MySQLGetRatioUL SELECT ul_ratio FROM ftp_user WHERE active = 'y' AND server_id = '1' AND ul_ratio != '-1' AND username="\L"
MySQLGetRatioDL SELECT dl_ratio FROM ftp_user WHERE active = 'y' AND server_id = '1' AND dl_ratio != '-1' AND username="\L"


# Optional : bandwidth throttling.
# The server has to be compiled with throttling support.
# Values are in KB/s .

MySQLGetBandwidthUL SELECT ul_bandwidth FROM ftp_user WHERE active = 'y' AND server_id = '1' AND ul_bandwidth != '-1' AND username="\L"
MySQLGetBandwidthDL SELECT dl_bandwidth FROM ftp_user WHERE active = 'y' AND server_id = '1' AND dl_bandwidth != '-1' AND username="\L"

# Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
# 1) You know what you are doing.
# 2) Real and virtual users match.

# MySQLForceTildeExpansion 1


# If you upgraded your tables to transactionnal tables (Gemini,
# BerkeleyDB, Innobase...), you can enable SQL transactions to
# avoid races. Leave this commented if you are using the
# traditionnal MyIsam databases or old (< 3.23.x) MySQL versions.

MySQLTransactions On

I've tried this one : http://www.howtoforge.com/forums/showthread.php?t=51938

- edited MYSQLServer 127.0.0.1 to MYSQLServer localhost, but I'm still unable to login via ftp (cli or ftp client, doesn't matter)

- /var/log/pure-ftpd/ is empty - there is one empty transfer.log file

- I followed http://www.howtoforge.com/perfect-se...ispconfig-3-p4

Any Idea what's wrong with the ftp user authentication ?

Thanks,

Adrian
Reply With Quote
Sponsored Links
  #2  
Old 6th September 2011, 13:07
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,983
Thanks: 825
Thanked 5,372 Times in 4,219 Posts
Default

Enable debugging in pure FTPD as described in the ISPConfig FAQ and then post the exact log output that you get then.

http://www.faqforge.com/linux/contro...-debian-linux/
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 6th September 2011, 13:48
adnese adnese is offline
Junior Member
 
Join Date: Nov 2010
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi,

after enabling debug mode for pure-ftpd I get:

[INFO] New connection from
[DEBUG] Command [user] [ewolrdsftp]
[DEBUG] Command [pass] [<*>]
[INFO] PAM_RHOST enabled. Getting the peer address
[WARNING] Authentication failed for user [ewolrdsftp]
[INFO] Logout.
New connection from
[DEBUG] Command [user] [eworldsftp]
[DEBUG] Command [pass] [<*>]
[WARNING] Authentication failed for user [eworldsftp]
[INFO] Logout.

Thanks,

Adrian
Reply With Quote
  #4  
Old 6th September 2011, 13:53
adnese adnese is offline
Junior Member
 
Join Date: Nov 2010
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default

DontResolve is set to yes:

http://www.faqforge.com/linux/contro...name-rsolving/

still no login possible
Reply With Quote
  #5  
Old 7th September 2011, 09:49
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,983
Thanks: 825
Thanked 5,372 Times in 4,219 Posts
Default

Check that you are able to login to mysql database with the username and password from the pure-ftpd configuration file. then check that the ftp user is in the ftp user tabel in the ispconfig mysql database.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 7th September 2011, 10:38
adnese adnese is offline
Junior Member
 
Join Date: Nov 2010
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hello Till,

I was able to found an workaround, but that's no solution, just a workaround:

"echo no > /etc/pure-ftpd/conf/PAMAuthentication"

that did the trick, after that I was able to login via ftp. But is there a way how to get ftp logins working without disabling PAMAuth for pure-ftpd ?

I'm a bit confused, 'cause I have 2 virtual servers with the same config (Debian 6 + ISPConfig III) - both had until this workaround same config. One of them is working well, the second one - till the workaround has been applied - didn't work well (ftp login failed - 530)

Any other hint what could be wrong?

Thank you,

Adrian
Reply With Quote
  #7  
Old 7th September 2011, 11:08
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,983
Thanks: 825
Thanked 5,372 Times in 4,219 Posts
Default

Disabling PAM auth is ok, as it is not used anyway. Maybe you have a shell user "eworldsftp" in /etc/passwd on that server, so that the user conflicts with the virtual FTP user with the same name and pure-ftpd tried to authenticate against the shell user instead of the FTP user.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 9th September 2011, 15:15
adnese adnese is offline
Junior Member
 
Join Date: Nov 2010
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default

yes, maybe there's a conflict but I cannot confirm we had such ftp (system) user. Ok, thank you so far

Regards,

Adrian
Reply With Quote
  #9  
Old 22nd December 2011, 00:11
mrmookie mrmookie is offline
Junior Member
 
Join Date: Dec 2010
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default Same issues..

I've having the same issues as described above. This is happening after a dist-upgrade and ISPconfig update.

Everything worked great before the upgrade. My configs look almost identical.


Mook
Reply With Quote
  #10  
Old 22nd December 2011, 00:31
mrmookie mrmookie is offline
Junior Member
 
Join Date: Dec 2010
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default /etc/pure-ftpd/db/mysql.conf reset..

I seems after the upgrade the file /etc/pure-ftpd/db/mysql.conf was overwritten with the default?


# Optional : MySQL server name or IP. Don't define this for unix sockets.

# MYSQLServer 127.0.0.1


# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort 3306


# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket /var/run/mysqld/mysqld.sock


# Mandatory : user to bind the server as.

MYSQLUser root


# Mandatory : user password. You must have a password.

MYSQLPassword rootpw


# Mandatory : database to open.

MYSQLDatabase pureftpd


# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "sha1", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "sha1", "md5" *and* "password"

MYSQLCrypt cleartext



What should these settings be in order to restore pureftp into ISPconfig? Looks like my DB is setup in dbispconfig correctly.


Thanks.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Failed during pvmove, howto: set up software raid 1 on running LVM system sbh77 HOWTO-Related Questions 2 8th October 2010 00:11
Need some Hints to "The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3]" wahid HOWTO-Related Questions 10 25th August 2010 15:18
squirrelmail and postfix witoszek General 12 1st December 2009 18:07
Systemimager (rsync) doesn't copy all comedit HOWTO-Related Questions 11 19th January 2007 17:17
How to install BFD (Brute Force Detection) domino Tips/Tricks/Mods 9 31st March 2006 22:40


All times are GMT +2. The time now is 07:51.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.