vsftpd problem logging on

Rick Stevens rstevens at vitalstream.com
Fri Jan 13 00:20:19 UTC 2006 

On Thu, 2006-01-12 at 07:14 -0900, John Johnston wrote:
> I can't get vsftpd to accept my logon creditials.
> 
> When I try to connect to the localhost from the system terminal I get.
> 
> 
> tp> open localhost
> Connected to localhost.localdomain.
> 220 booklet.nwl.local FTP server (Version 5.60) ready.
> 334 Using authentication type GSSAPI; ADAT must follow
> GSSAPI accepted as authentication type
> GSSAPI error major: Miscellaneous failure
> GSSAPI error minor: Unknown code krb5 195
> GSSAPI error: initializing context
> GSSAPI authentication failed
> 334 Using authentication type KERBEROS_V4; ADAT must follow
> KERBEROS_V4 accepted as authentication type
> Kerberos V4 krb_mk_req failed: You have no tickets cached
> Name (localhost:kanikpuk): bearqst
> 530 Must perform authentication before identifying USER.
> Login failed.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp>
> ftp> user -d username
> 530 Must perform authentication before identifying USER.
> Login failed.
> ftp>
> ftp> user -d username
> 530 Must perform authentication before identifying USER.
> 
> 
> When I try to connect from a remote host I can logon as a guest, but not 
> as a user of the system
> 
> 
> ftp> open 172.17.65.249
> Connected to 172.17.65.249.
> 220 booklet.nwl.local FTP server (Version 5.60) ready.
> User (172.17.65.249:(none)): ftp
> 331 Guest login ok, send ident as password.
> Password:
> 230 Guest login ok, access restrictions apply.
> ftp> ls
> 200 PORT command successful.
> 150 Opening ASCII mode data connection for file list.
> pub
> 226 Transfer complete.
> ftp: 5 bytes received in 0.00Seconds 5000.00Kbytes/sec.
> ftp> pwd
> 257 "/" is current directory.
> ftp> close
> 221 Goodbye.
> ftp> open 172.17.65.249
> Connected to 172.17.65.249.
> 220 booklet.nwl.local FTP server (Version 5.60) ready.
> User (172.17.65.249:(none)): username
> 530 Must perform authentication before identifying USER.
> Login failed.
> 
> What am I missing

Several things.  The system defaults to "anonymous_enable = YES", so
that's why the anonymous user (user "ftp") is allowed in.  However, the
system also defaults to "local_enable = NO", so the only way for NORMAL
users is via Kerberos.  As the root user, edit the file
"/etc/vsftpd/vsftpd.conf" and uncomment the line:

	local_enable=YES

by deleting the leading "#" mark.  Then, still as the root user, enter
the command:

	# service vsftpd restart

Then try "ftp localhost" again.  I'll bet it works now.

You should check out the man page for the vsftpd.conf file.  The command
to do that is "man vsftpd.conf" as any user.

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-           Lottery: A tax on people who are bad at math.            -
----------------------------------------------------------------------

More information about the Redhat-install-list mailing list