proftpd gives 'login incorrect' error

password ftp login
16,038

Solution 1

It sounds a lot like the libpam you've got installed wasn't upgraded when proftpd was, may try doing that prior to the upgrade for proftpd and see if that corrects the issue.

Also check the proftpd.conf particularly

#This is required to use both PAM-based authentication and local passwords

#AuthOrder mod_auth_pam.c* mod_auth_unix.c

^^^ and make sure that the conf didnt get updated to "generic"

Solution 2

If this is a RHEL or CentOS EL6.x system, it's important to modify your PAM configuration, as the one that ships with the package is no good:

Edit: /etc/pam.d/proftpd to reflect:

#%PAM-1.0M-1.0
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required pam_shells.so
auth include system-auth
account include system-auth
#session include system-auth
session required pam_loginuid.so

Solution 3

Also ensure that the home directory is actually owned by that user.. for example, I just tried to ftp to user abc, but /home/abc was owned by root, not abc, so proftpd gave me the login incorrect.

Solution 4

One point to note that burned me is ... pam_shells.so

pam_shells.so - this requires that all the allowable shells be in /etc/shells.

With NIS, because we have many different distro's of Linux and Solaris, our NIS shells are all /usr/local/bin/

On the machines themselves, in /usr/local/bin/ we create soft links to the shells. i.e. /usr/local/bin/bash --> /bin/bash

Where I got burned is... even though /bin/bash is in /etc/shells, /usr/local/bin/bash also needs to be in there.

It's a 10 second fix, but it took me a long time to figure out.

Share:
16,038

Related videos on Youtube

Bernhard
Author by

Bernhard

Updated on September 18, 2022

Comments

  • Bernhard
    Bernhard over 1 year

    I have had proftpd installed for a while now but since today I can not sign into the ftp server. I keep getting the error 530 login incorrect.

    I restarted proftpd in debug mode and got the below response when I tried to sign in:

    - srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): FTP session opened.
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'USER bernhard' to mod_tls
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'USER bernhard' to mod_core
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'USER bernhard' to mod_core
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'USER bernhard' to mod_delay
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'USER bernhard' to mod_auth
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching CMD command 'USER bernhard' to mod_auth
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching POST_CMD command 'USER bernhard' to mod_delay
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching LOG_CMD command 'USER bernhard' to mod_log
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching CMD command 'PASS (hidden)' to mod_auth
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): retrieved UID 500 for user 'bernhard'
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): retrieved group ID: 500
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): retrieved group name: bernhard
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): ROOT PRIVS at mod_auth_pam.c:311
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): RELINQUISH PRIVS at mod_auth_pam.c:481
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): USER bernhard (Login failed): Incorrect password.
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
- srv2.********.nl proftpd[1660] 159.253.3.237 (83.247.33.135[83.247.33.135]): FTP session closed.
    • Admin
      Admin about 10 years
      If it worked before but does not work now then the first step you need to do is to determine what changed. If your answer is nothing changed then you need to go back to the first step.
    • Bernhard
      Bernhard about 10 years
      I installed a bunch of basic development tools. I did a reboot of the server and could still log in. a few hours later a colleage of mine, thinking I hadn't done the reboot did it again. And from that moment on we can't log into proftpd anymore. I removed all the development tools I installed to try and get proftpd working again, but without results.
    • Bernhard
      Bernhard about 10 years
      I have found out that the problem is caused by an update from version 1.3.3g to 1.3.4a. I downgraded back to 1.3.3g and everything works again.
    • Paul Haldane
      Paul Haldane about 10 years
      What operating system is this? Did anything appear in /var/log/secure (or equivalent) when login failed?
    • ewwhite
      ewwhite about 10 years
      What operating system and version is this?
  • Bernhard
    Bernhard about 10 years
    Thanks art3mis! The second part of your answer solved it! I upgraded proftpd and now I can use it again! For that, you get the 50 bounty. I know it isn't a lot, but just a small token of my appreciation
  • ewwhite
    ewwhite about 10 years
    Geez... Really?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What is my login username and password?
How to re-enable a disabled standard user account?
Changed root password on my server, now can't login anymore
Can't change root password, passwd doesn't do anything
I used the terminal to change my password, but it's not applying the change
Cannot log in with correct password after installing VirtualBox and Genymotion and editing /etc/profile
Change keyring password after resetting password with "passwd" : Ubuntu 13.10
Ubuntu 20.04 LTS disable on boot: unlock keyring for an application who wants to acces "Default Keyring" but is locked
What is the password of a live user?
How to login to Ubuntu 18.04 without a password