vsftpd problem


bailif
March 14th, 2009, 14:31
Hi,

I'm trying to run vsftpd through xinetd, and I'd like to know what I have been doing wrong:

xinetd.conf (regarding ftp)
service ftp
{
socket_type = stream
protocol = tcp
wait = no
user = vsftpd
server = /usr/local/libexec/vsftpd
server_args = /usr/local/etc/vsftpd.conf
port = 21
}

vsftpd.conf
anonymous_enable=NO
anon_upload_enable=NO
anon_root=/home/vuser
anon_mkdir_write_enable=YES

local_enable=YES
chroot_local_user=YES
write_enable=NO
local_umask=022
dirmessage_enable=YES

listen_address=192.168.2.10
listen_port=21
connect_from_port_20=YES
ftp_data_port=20

xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
log_ftp_protocol=YES

nopriv_user=vsftpd
run_as_launching_user=YES


listen=NO
background=NO

secure_chroot_dir=/var/sftp
pam_service_name=vsftpd

userlist_enable=NO
check_shell=NO
guest_enable=YES
guest_username=vuser
text_userdb_names=YES

vuser is a user with nologin and without password authentication; I have added him to vsftpd_login.db (vuser's password is in vsftpd_login.db as well).
192.168.2.10 is my jail address.

/etc/pam.d/vsftpd
auth required /usr/local/lib/pam_pwdfile.so pwdfile /usr/local/etc/vsftpd_login.db
account required /usr/lib/pam_login_access.so

log from vsftpd.log about single connection (ftp localhost)
Sat Mar 14 14:04:51 2009 [pid 18528] CONNECT: Client "192.168.2.10"
Sat Mar 14 14:04:51 2009 [pid 18528] FTP response: Client "192.168.2.10", "220"
Sat Mar 14 14:04:58 2009 [pid 18528] FTP command: Client "192.168.2.10", "USER vuser"
Sat Mar 14 14:04:58 2009 [pid 18528] [vuser] FTP response: Client "192.168.2.10", "331 Please specify the password."
Sat Mar 14 14:05:03 2009 [pid 18528] [vuser] FTP command: Client "192.168.2.10", "PASS <password>"

After typing the password I get
421 Service not available, remote server has closed connection.
ftp: Login failed.

Nothing more in the log file. The password is good for sure, because when I type an incorrect password, I see it in /var/log/messages.

If I try to connect to localhost via a web browser (elinks in this case), after typing the username and password I get the error message "Error reading from socket.", no matter if I try to connect from inside the jail or from the host.

When I enable anonymous logins, everything runs smoothly, but that's not the point...
The jail is running at securelevel 1, but that doesn't matter really.

After a few days of digging on Google, every forum and every site I found, I'm running out of ideas... so please help :)

bailif
March 15th, 2009, 10:00
OK, here's an update: it's probably some sort of PAM problem, because when I uncomment the line regarding PAM auth and try to log in with a local or vsftpd_login.db user, I see in dmesg
pid 58466 (vsftpd), uid 1007: exited on signal 11

From what I know it may be a hardware problem, but I don't expect this.
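
An added example, not part of the original thread: a Python script that scans a vsftpd protocol log in the format posted above for sessions whose last logged event is a command with no response (as with the PASS at 14:05:03) and pairs them with kernel "exited on signal" lines like the one quoted from dmesg. The sample data is constructed from those excerpts (pid 18530 and the matching dmesg pid are invented), and the function names are hypothetical.

```python
import re

# Constructed sample in the format of the vsftpd.log excerpt above
# (log_ftp_protocol=YES); the pid 18530 session is invented and complete.
SAMPLE_LOG = '''\
Sat Mar 14 14:04:51 2009 [pid 18528] CONNECT: Client "192.168.2.10"
Sat Mar 14 14:04:51 2009 [pid 18528] FTP response: Client "192.168.2.10", "220"
Sat Mar 14 14:04:58 2009 [pid 18528] FTP command: Client "192.168.2.10", "USER vuser"
Sat Mar 14 14:04:58 2009 [pid 18528] [vuser] FTP response: Client "192.168.2.10", "331 Please specify the password."
Sat Mar 14 14:05:03 2009 [pid 18528] [vuser] FTP command: Client "192.168.2.10", "PASS <password>"
Sat Mar 14 14:06:10 2009 [pid 18530] CONNECT: Client "192.168.2.10"
Sat Mar 14 14:06:10 2009 [pid 18530] FTP response: Client "192.168.2.10", "220"
Sat Mar 14 14:06:12 2009 [pid 18530] FTP command: Client "192.168.2.10", "QUIT"
Sat Mar 14 14:06:12 2009 [pid 18530] FTP response: Client "192.168.2.10", "221 Goodbye."
'''
# Constructed kernel message in the format of the dmesg line quoted above.
SAMPLE_DMESG = 'pid 18528 (vsftpd), uid 1007: exited on signal 11\n'

LINE = re.compile(r'\[pid (\d+)\] (?:\[(\S+)\] )?'
                  r'(CONNECT|FTP command|FTP response): Client "([^"]*)"(?:, "(.*)")?$')
CRASH = re.compile(r'pid (\d+) \((\S+)\), uid (\d+): exited on signal (\d+)')

def unanswered_commands(log_text):
    """Return {pid: (user, verb)} for sessions whose last logged event is a command."""
    last = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # skip lines in other formats
        pid, user, kind, _client, payload = m.groups()
        verb = (payload or '').split(' ', 1)[0]  # keep the verb only, never PASS arguments
        last[int(pid)] = (kind, user, verb)
    return {pid: (user, verb) for pid, (kind, user, verb) in last.items()
            if kind == 'FTP command'}

def correlate(log_text, dmesg_text):
    """Attach the fatal signal number when the kernel logged one for the same pid."""
    crashes = {int(p): int(sig) for p, _name, _uid, sig in CRASH.findall(dmesg_text)}
    return {pid: (user, verb, crashes.get(pid))
            for pid, (user, verb) in unanswered_commands(log_text).items()}

if __name__ == '__main__':
    for pid, (user, verb, sig) in correlate(SAMPLE_LOG, SAMPLE_DMESG).items():
        print(f'pid {pid} user={user} stopped after {verb}, signal={sig}')
```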