Unable to connect using ftp

Hi
I am having issues when trying to connect using ftp; I am having the following error:

User (10.100.48.73:(none)): moz
331 Password required for moza.
Password:
530 Login incorrect.
Login failed.
ftp> by
221 Goodbye.

I have created a user like this:

useradd -g 10 -d /lam/moza -m -s /bin/bash moza
passwd moza
ftpconfig -d /lam/moza
in.ftpd -a

I did make sure that the username was in the /etc/ftpd/ftpaccess file

But I am still having that error

The network connection itself seems to work and "moz" (instead of "moza") is, I suppose, just a typo.

A possible reason is how the system is configured to authorize user accounts: in case you have, say, LDAP users primarily, it might well be that the password ftp asks for is for a (hypothetical) LDAP user "moza" instead of the local user "moza". The same might be the case for NIS (instead of LDAP), a native Kerberos domain, and similar systems.

I hope this helps.

bakunin

ftp 10.100.48.73
Connected to 10.100.48.73.
220 nikira-app1 FTP server ready.
User (10.100.48.73:(none)): moza
331 Password required for moza.
Password:
530 Login incorrect.
Login failed.
ftp> by
221 Goodbye.

I have now used the correct username, but no luck.

You need to also check the sense of the file /etc/ftpd/ftpaccess. In the config file for your FTP server, there will be several lines to describe it and it can be either an "only allow in this list" or an "exclude this list" so you will have to read what it says carefully. It can be very confusingly written.

What is the FTP server you are using? I could guess vsftpd for a Linux server, but that is not certain to be on Solaris. There is probably a pkginfo command that will list out all packages. Pipe this through grep for the string ftpd and see what you get.

Robin

Hi

I may have missed out something, please help:

bash-3.00# pkginfo | grep ftp
system      SUNWftpr                         FTP Server, (Root)
system      SUNWftpu                         FTP Server, (Usr)
system      SUNWtftp                         Trivial File Transfer Server
system      SUNWtftpr                        Trivial File Transfer Server (Root)
bash-3.00#

and on the /etc/ftpd/ftpaccess file, did not see:

 cat /etc/ftpd/ftpaccess
# ident "@(#)ftpaccess  1.2     03/05/14 SMI"
#
# FTP server configuration file, see ftpaccess(4).
#

class           realusers       real            *
class           guestusers      guest           *
class           anonusers       anonymous       *

loginfails      3
passwd-check    trivial         warn
private         no
shutdown        /etc/ftpd/shutdown.msg
# email         user@hostname
# guestuser     username
 guestuser      moza
# rhostlookup   no

keepalive       yes
recvbuf         65536           real,guest,anonymous
sendbuf         65536           real,guest,anonymous
# flush-wait    no              anonymous
# passive       ports           0.0.0.0/0       32768   65535
# timeout       data            600
# timeout       idle            300

banner          /etc/ftpd/banner.msg
greeting        brief
message         /etc/ftpd/welcome.msg   login
message         .message                cwd=*
readme          README*                 login
readme          README*                 cwd=*
# quota-info    *

chmod           no              anonymous
delete          no              anonymous
overwrite       no              anonymous
rename          no              anonymous
umask           no              anonymous

compress        yes             realusers guestusers anonusers
tar             yes             realusers guestusers anonusers

path-filter     guest,anonymous /etc/ftpd/filename.msg  ^[[:alnum:]._-]*$ ^[.-]

noretrieve      relative        class=anonusers         /
allow-retrieve  relative        class=anonusers         /pub

upload          class=anonusers    *    *         no  nodirs
# upload        class=anonusers    *    /incoming yes ftpadm ftpadm 0440 nodirs

# log           commands        real,guest,anonymous
# log           security        real,guest,anonymous
# log           transfers       real,guest,anonymous    inbound,outbound
# xferlog       format  %T %Xt %R %Xn %XP %Xy %Xf %Xd %Xm %U ftp %Xa %u %Xc %Xs %Xr

# limit-time    anonymous       30
# limit         anonusers       10      Wk0730-1800       /etc/ftpd/toomany.msg
# limit         anonusers       50      SaSu|Any1800-0730 /etc/ftpd/toomany.msg
bash-3.00#
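Added example, not part of any post in the thread: a small Python reader for the active lines of the ftpaccess file posted above, showing how the `guestuser moza` line places that login in the guest class (a guest session is chrooted to the account's home directory) rather than the real one. It is simplified by assumption: only user-name patterns are handled (no guestgroup/realgroup, no %uid form), address globs are matched with fnmatch, and the client address 10.100.48.20 is constructed.

```python
import fnmatch

# Constructed excerpt: active (uncommented) lines of the ftpaccess file posted above.
FTPACCESS = """\
class           realusers       real            *
class           guestusers      guest           *
class           anonusers       anonymous       *
loginfails      3
# guestuser     username
 guestuser      moza
"""

def parse(text):
    """Return (directive, [args]) for every non-empty, non-comment line."""
    rules = []
    for line in text.splitlines():
        fields = line.split()
        if fields and not fields[0].startswith("#"):
            rules.append((fields[0], fields[1:]))
    return rules

def session_type(rules, user):
    """Classify a login name as anonymous, guest or real."""
    if user in ("ftp", "anonymous"):
        return "anonymous"

    def listed(directive):
        return any(fnmatch.fnmatchcase(user, pat)
                   for name, args in rules if name == directive
                   for pat in args)

    # realuser reverses guestuser; an account named by neither is "real".
    if listed("guestuser") and not listed("realuser"):
        return "guest"
    return "real"

def session_class(rules, user, client):
    """First class line whose type list and address glob both match wins."""
    kind = session_type(rules, user)
    for name, args in rules:
        if name != "class" or len(args) < 3:
            continue
        if kind in args[1].split(",") and \
                any(fnmatch.fnmatch(client, glob) for glob in args[2:]):
            return args[0]
    return None  # no class line covers this session

def report(text, user, client):
    rules = parse(text)
    return session_type(rules, user), session_class(rules, user, client)

if __name__ == "__main__":
    print(report(FTPACCESS, "moza", "10.100.48.20"))
```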

According to your posted session transcript I think that the ftp server is up and running and the entry in /etc/ftpd/ftpaccess is OK as well. Otherwise you shouldn't get as far as you came.

I still think you may have a different authorisation scheme (Kerberos, NIS, LDAP, ...) in place and you are not asked for a local user's password but a, say, LDAP user's password, which might be quite different from what you gave to the local user.

I am no specialist in Solaris, but with this hint you should be able to investigate if this might be the case or not.

I hope this helps.

bakunin


Hi

The fact that I am trying to create this ftp user on a non-global zone does not cause an issue?

Maybe you can work along with the documentation:
Administering the FTP Server (Task Map) - System Administration Guide: Network Services

I think I solved the problem:
in /etc/passwd I have changed the shell of the user from bash to /bin/false,
then I changed the group of the ftp user, then changed the permissions of the landing directory.

Perhaps. Why didn't you tell us this little detail when you told us "i created a user like this" in post #1? Obviously you did not "like this" but "like this and then a lot more".

If you want an anonymous yet secure ftp-service (what you did looks like this is what you are after) you might want to set up the ftpd (ftp server daemon) in a "chroot"ed environment. See man chroot for the details on this. This way you don't need a special user at all and you can still isolate the service from the rest of the system.

I hope this helps.

bakunin


perhaps I was misled by what this blogger: Solaris_blog: FTP user with restriction to home directory(CHROOT USER) when he says

These are different points: a "local zone" in Solaris is already a (sort-of) chroot-environment and you cannot chroot in a chroot-env. Therefore you need to do this from the global zone (=parent environment) instead.

I hope this helps.

bakunin