How to configure vsftpd to allow root logins?

security login root ftp sles

170,259

Solution 1

DISCLAIMER: Enabling root login for FTP is a Very Bad Idea for many, many reasons.

Edit your vsftpd.conf file, and add the following line:

userlist_deny=YES

Edit user_list and ftpusers and comment out "root".

Solution 2

For those (like me) using VSFTPD on Ubuntu server in mid-2013, it appears that root is allowed to login via secure SFTP by default, no special changes necessary.

However, if you really need plain old FTP access, all I had to do was:

sudo nano /etc/ftpusers

And comment out the line with root on it by placing a # at the start. Save the file, and reloading the server is not even necessary.

BEWARE: This potentially allows the root password to be transmitted over the network, completely unencrypted, in PLAIN TEXT. It's a very bad idea unless you're working on a local virtual machine.

Solution 3

vi /etc/pam.d/vsftpd -> if you use vsftpd

find

auth blablabla sense=deny file=/etc/ftpusers

Make it to be sense= allow or you can uncomment script above it, or modify the file:ftpusers or add another ftpusers files

Solution 4

for Debian 8 Jessie, you just need to edit /etc/ftpusers and comment out or delete root. nothing else needed, just restart vsftpd

View more solutions

170,259

user826902

Updated on September 17, 2022

Comments

user826902 over 1 year
I'm on SLES 10.1, and trying to configure vsftpd to allow root logins. Does anyone know how to do this?

So far, I have this:
```
local_enable=YES
chroot_local_user=NO
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.users
```
And I've added root to /etc/vsftpd.users. When I try to log in, here's what I get:
```
$ ftp susebox
Connected to susebox.example.com.
220-FTP Server (user '[email protected]')
220
User (susebox.example.com:(none)): root
331-Password:
331
Password:
Connection closed by remote host.

C:\>
```
BTW, if you don't know the answer, please don't bother lecturing me about how I shouldn't allow root logins. I know what I'm doing, and I accept full responsibility for any ruptures in the space-time continuum that may result.
- Roman over 12 years
  
  Not only are you creating huge dents in the continuum, you're raping the very fabric of it's integrity! The only use I can think up for this is a honeypot, but AFAIK nobody even tries to login with root by ftp. All other uses....bit.ly/yzoSbB That being said, it's answered below.
- Xsv23 over 11 years
  
  I have this exact problem but it's in a completely isolated test network. Not all systems are on the Internet, you know.
- sr9yar over 3 years
  
  I don't see why this fuss is about. I'm setting this up for testing and the server will be wiped out in a couple of days. Using root is the quickest way to get over with my task, why should I makes things overly complicated, because somebody told me this at school?
GoTTimw over 9 years

Just FYI for those using vsftpd, the user_list file is located under /etc/vsftpd/user_list
ATorras over 9 years

Fedora 20: I had to change it in both places: user_list and also ftpusers.