Created FTP account do not work

darkus

Verified User
Joined
Dec 15, 2005
Messages
114
Ive quite a few DA servers where I just goto user level -> FTP Management -> Create FTP account and voila, nice easy FTP account is created.

However on my newest DA server, I can create an FTP account in the normal way, but none of the custom created FTP account will actually login for some reason. The server just gives an invalid login error. The server only alows the default admin login to work

Any ideas why this would be or any leads on how I can diagnose this?

Thanks!
 

darkus

Verified User
Joined
Dec 15, 2005
Messages
114
I checked proftp's passwd file and the new accoutn does show up properly there
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
I checked proftp's passwd file and the new accoutn does show up properly there
Do you see them in directadmin? Maybe you'll be able to find any in user specified passwd file?

/usr/local/directadmin/data/users/USERNAME/ftp.passwd
 

darkus

Verified User
Joined
Dec 15, 2005
Messages
114
Check here for log file locations http://help.directadmin.com/item.php?id=11 (and maybe /var/log/secure)
Try to login again and post your results :)
Do you see them in directadmin? Maybe you'll be able to find any in user specified passwd file?

/usr/local/directadmin/data/users/USERNAME/ftp.passwd
Ok so all the log files in the proftp directory are 0 byte and empty. The only log file that recorded anything is the /var/log/secure log which contains the following:

Code:
/var/log/secure
Oct 24 19:00:48 sshd[1752]: Invalid user jason@bimmerpost.com from x.x.x.x
Oct 24 19:00:48 sshd[1753]: input_userauth_request: invalid user jason@x.com
Oct 24 19:00:48 sshd[1752]: pam_unix(sshd:auth): check pass; user unknown
Oct 24 19:00:48 sshd[1752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=x.x.x.x
Oct 24 19:00:48 sshd[1752]: pam_succeed_if(sshd:auth): error retrieving information about user jason@x.com
Oct 24 19:00:50 sshd[1752]: Failed password for invalid user jason@x.com from x.x.x.x port 49725 ssh2
Oct 24 19:00:51 sshd[1753]: fatal: Read from socket failed: Connection reset by peer
Now if it matters Ive blocked the standard FTP port and only allow in SFTP connections over a non-standard port. The main admin account has no problems conncting, but the jason@x.com account doesnt connect at all. I get an Authentication failed error.

Also there is no actual jason@x.com user, I've only created an FTP account from the user level FTP management option in the DA control panel


Thanks for any ideas!
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
How did you enable SFTP support? And what is your /etc/proftpd.conf looking like?
 

darkus

Verified User
Joined
Dec 15, 2005
Messages
114
How did you enable SFTP support? And what is your /etc/proftpd.conf looking like?
I didnt enable anything server side, I just tell my ftp program to use SFTP and do it through my ssh port. It connects just fine using the admin account in this way. And on older DA servers I own it also connects just fine for all the user level created additional FTP accounts

Here is my proftpd.com

Code:
ServerName              "ProFTPd"
ServerType              standalone

Port                    21
PassivePorts            35000 35999
UseReverseDNS           off
TimesGMT                off
TimeoutLogin            120
TimeoutIdle             600
TimeoutNoTransfer       900
TimeoutStalled          3600

ScoreboardFile                  /var/run/proftpd/proftpd.pid

TransferLog             /var/log/proftpd/xferlog.legacy
LogFormat               default "%h %l %u %t \"%r\" %s %b"
LogFormat               auth    "%v [%P] %h %t \"%r\" %s"
LogFormat               write   "%h %l %u %t \"%r\" %s %b"

#DON'T modify this log format.  Its used by DirectAdmin to determine user usage
LogFormat               userlog "%u %b %m %a"
ExtendedLog             /var/log/proftpd/75.126.52.130.bytes WRITE,READ userlog

AuthUserFile                    /etc/proftpd.passwd
DefaultServer           on
AuthOrder mod_auth_file.c

#AuthPAM off

<IfModule mod_tls.c>
        TLSEngine on
        TLSLog /var/log/proftpd/proftpd.tls.log
        TLSProtocol SSLv23
        #TLSProtocol TLSv1
        TLSVerifyClient off
        TLSRequired off

        #Certificates
        TLSRSACertificateFile /etc/exim.cert
        TLSRSACertificateKeyFile /etc/exim.key
        #TLSCACertificateFile /etc/ftpd/root.cert.pem

        TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
</IfModule>

<Global>
        PassivePorts            35000 35999
        DeferWelcome            on

        RequireValidShell       no

        DefaultRoot             ~
        DirFakeUser on ftp
        DirFakeGroup on ftp

        User                    ftp
        Group                   ftp
        #UserAlias              anonymous ftp

        AllowStoreRestart       on
        AllowRetrieveRestart    on

        ListOptions             -a

        Umask                   022
        DisplayLogin            welcome.msg
        DisplayChdir            readme
        AllowOverwrite          yes
        IdentLookups            off
        ExtendedLog             /var/log/proftpd/access.log WRITE,READ write
        ExtendedLog             /var/log/proftpd/auth.log AUTH auth

        #
        # Paranoia logging level....
        #
        #ExtendedLog    /var/log/proftpd/paranoid.log ALL default

        <IfModule mod_tls.c>
                TLSEngine on
                TLSLog /var/log/proftpd/proftpd.tls.log
                TLSRSACertificateFile /etc/exim.cert
                TLSRSACertificateKeyFile /etc/exim.key
        </IfModule>
</Global>

Include /etc/proftpd.vhosts.conf
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
SSH daemon on directadmin powered server does not know anything about additional FTP accounts, thus that's OK.
If you want to use SFTP with additional FTP accounts, you should follow one of the guides here on the forums and rebuild ProFTPd with SFTP support.
 

befree33

Verified User
Joined
Feb 5, 2013
Messages
28
I too have problems with ftp access to my vps using my username.
1. Sometimes my DirectAdmin login works and sometimes it doesn't.
2.. In Wordpress admin, I'm unable to install or update plugins cause the ftp doesn't work.
3. FTP via filezilla doesn't work: I keep getting "Critical error. Could not connect to server." See http://tinypic.com/r/21boyzb/6

FYI: My vps username and password had non-ASCII characters but tech support changed them cause ftp didn't work. Since then, ftp worked once and then stopped working.

My paid tech support has tried to fix this problem for 2 weeks now but with no success. I was able to use ftp in WP admin but since tech support changed the username, I've been unable to use it. I used net2ftp.com twice last week but now it doesn't work cause "your username or password is incorrect".

There are no domains under my root account/admin account but there are domains under my username account. The FTP Management under User Level is setup using the default username. The server load is low.

The problem is at the username level, not the admin/root level. I know that tech support looked at proftpd log but I have no idea what they did.

Should tech support do this: http://help.directadmin.com/item.php?id=205 ?

There are 0 B in the proftp and pureftp logs per http://help.directadmin.com/item.php?id=11
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
1. Sometimes my DirectAdmin login works and sometimes it doesn't.
What FTP server are using: ProFTPd or PureFTPd? In any case you might need to check its logs.
Might be this is your case http://forum.directadmin.com/showthread.php?t=45858&highlight=proftpd as well?

2.. In Wordpress admin, I'm unable to install or update plugins cause the ftp doesn't work.
In this case, you might need to enable more detailed logging and check logs and/or enable suPHP,PHP-FPM in order to allow PHP scripts to write into files and directories without a need to use FTP.

3. FTP via filezilla doesn't work: I keep getting "Critical error. Could not connect to server." See http://tinypic.com/r/21boyzb/6
Once more, in this case, you might need to enable more detailed logging and check logs.
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
@befree33:

Do you run your site on your own VPS or dedicated server? If not then you'll really need to work with your hosting provider, as the help we can give you is based on having root access to your server.

Jeff
 

befree33

Verified User
Joined
Feb 5, 2013
Messages
28
What FTP server are using: ProFTPd or PureFTPd? In any case you might need to check its logs.
Might be this is your case http://forum.directadmin.com/showthread.php?t=45858&highlight=proftpd as well?

In this case, you might need to enable more detailed logging and check logs and/or enable suPHP,PHP-FPM in order to allow PHP scripts to write into files and directories without a need to use FTP.



Once more, in this case, you might need to enable more detailed logging and check logs.
I sent this post to tech support yesterday but I doubt they read it. Right now, all my sites are displaying an "Error Establishing a Database Connection". I will ask tech support if they will follow your suggestions again.

1. I have root access on vps, the ftp server is Pureftp. Both Pureftp and Proftp logs in http://123,23.12.32:2222/CMD_LOG_VIEWER show 0 B.

2. I've used both filezilla and smartftp and the log for the latter is at http://pastebin.com/sf9ZK9YW

3. I know that 530 connection error means that the server is rejecting the username or password. Pastebin shows that the username is fine, the problem is the password. I started getting ftp problems when tech support changed my password over 2 weeks ago. The password is ASCII characters and works with DA but not ftp client. The password was working with net2ftp but not anyone -- the good news with net2ftp is that it gives an error log which seems related to its web software.

4. Since the server is rejecting the password, I'd like to know if I could install net2ftp on the server.

5. I will ask tech support to "enable more detailed logging and check logs."

FYI: tech support had disabled all php functions a while ago.
 

befree33

Verified User
Joined
Feb 5, 2013
Messages
28
I asked tech support to install net2ftp on the server but they report that
I am getting authentication error with the logins.
I asked tech support to
In this case, you might need to enable more detailed logging and check logs and/or enable suPHP,PHP-FPM in order to allow PHP scripts to write into files and directories without a need to use FTP.
1. What code should be added to which file in DA to enable more detailed logging?
2. How do I enable suPHP,PHP-FPM? Which file in DA needs editing?

3. I'm also thinking of asking tech support to reset the username DirectAdmin generated when it was installed. It's possible that DA is not registering new password changes. Do I check this in cd /usr/local/directadmin/scripts
./fix_da_user.sh file? I ask because the eximlog shows vps.forward.com as DA vps name when the vps name was changed to a custom name weeks ago.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
Hello,

- ProFTPd: Debugging Problems
http://www.proftpd.org/docs/howto/Debugging.html
http://www.proftpd.org/docs/modules/mod_core.html#DebugLevel

The config is located in /etc/proftpd.conf

- I wish to use php-FPM with my CustomBuild setup.
http://help.directadmin.com/item.php?id=459

- suPHP with my CustomBuild setup.
http://help.directadmin.com/item.php?id=459

but change line
Code:
./build set php1_mode php-fpm
to
Code:
./build set php1_mode suphp
- CustomBuild 2.0 FAQ
http://forum.directadmin.com/showthread.php?t=44743
 
Top