Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 24th May 2012, 17:29
Captain Captain is offline
Senior Member
 
Join Date: Feb 2009
Posts: 271
Thanks: 75
Thanked 6 Times in 5 Posts
Exclamation pureftpd-mysql Authentication failed for user

Hello Guys!

I dont know what to do.
I try to find answers in web, try many manipulations with config files and etc.
But I can not connect to FTP.
I have Perfect Install Ubunut 12.04 ISPConfig 3 final.

In debug mode in pureftpd:
Code:
May 24 18:13:10 in pure-ftpd: (?@192.168.1.102) [INFO] New connection from 192.168.1.102
May 24 18:13:10 in pure-ftpd: (?@192.168.1.102) [DEBUG] Command [user] [username]
May 24 18:13:10 in pure-ftpd: (?@192.168.1.102) [DEBUG] Command [pass] [<*>]
May 24 18:13:14 in pure-ftpd: (?@192.168.1.102) [WARNING] Authentication failed for user [username]
May 24 18:13:14 in pure-ftpd: (?@192.168.1.102) [INFO] Logout.
User is created in ISPConfig panel.
Password in mysql.conf (pureftpd) is right.

Try 127.0.0.1 change to localhost.
Try encrypt methods.
try to recreate ftp users.
Try with TLS and without it. TLS accept is ok.
Code:
Status:	Connecting to 192.168.1.101:21...
Status:	Connection established, waiting for welcome message...
Response:	220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response:	220-You are user number 1 of 50 allowed.
Response:	220-Local time is now 18:26. Server port: 21.
Response:	220-This is a private system - No anonymous login
Response:	220-IPv6 connections are also welcome on this server.
Response:	220 You will be disconnected after 15 minutes of inactivity.
Command:	AUTH TLS
Response:	234 AUTH TLS OK.
Status:	Initializing TLS...
Status:	Verifying certificate...
Command:	USER username
Status:	TLS/SSL connection established.
Response:	331 User username OK. Password required
Command:	PASS ******
Response:	530 Login authentication failed
Error:	Critical error
Error:	Could not connect to server
Iptables:

Code:
root@in:~# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
fail2ban-dovecot-pop3imap  tcp  --  anywhere             anywhere             multiport dports pop3,pop3s,imap2,imaps
fail2ban-pureftpd  tcp  --  anywhere             anywhere             multiport dports ftp
fail2ban-sasl  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
fail2ban-courierauth  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
fail2ban-couriersmtp  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp
fail2ban-postfix  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp
fail2ban-apache-overflows  tcp  --  anywhere             anywhere             multiport dports http,https
fail2ban-apache-noscript  tcp  --  anywhere             anywhere             multiport dports http,https
fail2ban-ssh-ddos  tcp  --  anywhere             anywhere             multiport dports ssh
fail2ban-ssh  tcp  --  anywhere             anywhere             multiport dports ssh
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  base-address.mcast.net/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PAROLE (12 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (5 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere             icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:http
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:imap2
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:imaps
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:mysql
PAROLE     tcp  --  anywhere             anywhere             tcp dpt:http-alt
PAROLE     tcp  --  anywhere             anywhere             tcp dpts:40110:40210
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:mysql
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (5 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain fail2ban-apache-noscript (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-overflows (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-courierauth (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-couriersmtp (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-dovecot-pop3imap (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-postfix (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-pureftpd (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-sasl (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-ssh-ddos (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
Please help to solve this problem.
Reply With Quote
Sponsored Links
  #2  
Old 24th May 2012, 17:54
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

And you are really sure that you usedthe correct username incl. the prefix as it is dosplayed in the ftp user list? If you use the username without the prefix, the login must fail.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 24th May 2012, 17:59
Captain Captain is offline
Senior Member
 
Join Date: Feb 2009
Posts: 271
Thanks: 75
Thanked 6 Times in 5 Posts
Default

yes I use Username from ISPConfig panel - all name with prefix.
I have change prefix to inf[CLIENTID].
User name now is inf3ftp. (ftp is entered by hand, in ftp user creation menu)
I check it in ISPCOnfig and in DB too.
Reply With Quote
  #4  
Old 24th May 2012, 19:04
Captain Captain is offline
Senior Member
 
Join Date: Feb 2009
Posts: 271
Thanks: 75
Thanked 6 Times in 5 Posts
Exclamation

Connection to MySQL:

Code:
120524 19:57:46   109 Connect   ispconfig@localhost on dbispconfig
                  109 Query     set autocommit=0
                  109 Query     SELECT password FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="inf3ftp"
                  109 Query     SELECT uid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="inf3ftp"
                  109 Query     SELECT gid FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="inf3ftp"
                  109 Query     SELECT dir FROM ftp_user WHERE active = 'y' AND server_id = '1' AND username="inf3ftp"
                  109 Query     COMMIT
                  109 Quit
I have installed mod_security, and mod_evasive and configure some php disable_functions.
PassivePortRange is on. In ISPConfig firewall too.
/var is mounted as nodev, nosuid

ISPConfig DNS is not configure at this moment.
Now I have a fresh install.
Add 2 virtual web sites.

I dont know what esle to tell. And where can be a problem.

Thnk you.

Last edited by Captain; 24th May 2012 at 19:07.
Reply With Quote
  #5  
Old 24th May 2012, 19:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

Quote:
configure some php disable_functions.
If you disabled e.g. php exec functions in the php that is used for the ispconfig cronjob (php-cli on debian or ubuntu and php-cgi on other distributions), then ipconfig will fails to create websites correctly and this causes ftp to fail.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
Captain (24th May 2012)
  #6  
Old 24th May 2012, 19:19
Captain Captain is offline
Senior Member
 
Join Date: Feb 2009
Posts: 271
Thanks: 75
Thanked 6 Times in 5 Posts
Default

SOLVED!
My PHP disable_functions is too hard for ISConfig.

Thank you for attention.
Reply With Quote
  #7  
Old 24th May 2012, 19:22
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

You must differentiate between the php.ini files. Disabling exec in cli php.ini makes no sense as cli means shell script anyway. In the cgi and apache php.ini files you can disable exec functions as this affects only your websites and not the ispconfig server cronjob.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
Captain (24th May 2012)
  #8  
Old 24th May 2012, 19:30
Captain Captain is offline
Senior Member
 
Join Date: Feb 2009
Posts: 271
Thanks: 75
Thanked 6 Times in 5 Posts
 
Default

For other users:

Your PHP configuration and its support by ISPConfig you can check execute:

/usr/local/ispconfig/server/server.sh

If you see any PHP Warning, please check your php configurations.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig3 won't start after update Cracklefish Installation/Configuration 15 28th February 2012 14:11
CPU load locks up box. Apache or MYSQL related. crypted General 61 29th October 2010 22:16
Need some Hints to "The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3]" wahid HOWTO-Related Questions 10 25th August 2010 15:18
ISPConfig3 Mail Warn Errors reason8 General 3 25th November 2009 13:58
MySQL problem satimis Server Operation 5 25th June 2008 15:41


All times are GMT +2. The time now is 22:58.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.