These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for added subdomain - but how to add ftp user? on the new forum.
i have just added a subdomain for my site, and it worked fine, i can type in http://subdomain.mysite.com and it brings up the apache welcome page
but i added a user and ticked allow ftp login
but it doesn't work/seem to have done anything
should the ftp address be ftp.mysite.com or ftp.subdomain.mysite.com? i tried both to no affect
the username and password should be the same?
all i get in /var/log/messages is PAM authentication failed
using proftp 1.210
fedora core 4
most everything should be set to default
There's quite a few things that can go wrong in ProFTPd configuration. It's hard to guess which one applies to your case.
Here's a few things to check:
Is the user's shell listed in /etc/shells? It has to be for an FTP login to be allowed.
Are you sure ProFTPd has a working PAM configuration? This can be tricky, and the default pam configuration that comes with the source ProFTPd tarball doesn't work on all distributions (I've been bitten by this one myself) and environments. And, of course, if installed from source, you may have missed the PAM configuration step.
Beyond that, you should check the logs on proftpd startup for errors.
I'll also point out that for administering the domain, you should use the domain user account--not add a new user (though it is possible to create additional administrative users). So, to administer subdomain.domain.tld, you would login as the subdomain (or subdomain.domain.tld) user. You also don't need to use any special address. subdomain.domain.tld will work, assuming DNS is configured correctly at your registrar and is working on your server.
And, though I'll happily try to help you get FTP working, FTP is <i>never recommended for any purpose</i>. The SSH-based protocols are more secure, and FTP over SSH looks identical to FTP from an end user perspective, assuming your client software supports it.
Check out the forum guidelines!
i changed the shell to /etc/shells, and the ftp address to subdomain.mysite.com
i'm pretty sure proftp works, it works for my main web site
i installed it via yum, webmin was installed via rpm, and virtualmin was installed via wbm
the only error i get in /var/log/messages is PAM authentication error
the new user is a in the same group as the main domain user
the reason, i created a new user is because the subdomain is for my brother, and i want him to login only to the subdomain and not to my main site
also, i understand the security advantages of sftp, but it's too slow in my mind, i think the speed advantage outweighs the security risk for me
I think you misunderstood me on this one:
I said: <i>Is the user's shell listed in /etc/shells? It has to be for an FTP login to be allowed.</i>
You said: <i>i changed the shell to /etc/shells, and the ftp address to subdomain.mysite.com</i>
Not quite what I had in mind. ;-)
The users shell (whatever it is) needs to be <i>listed</i> in the file /etc/shells. It can't <i>be</i> /etc/shells. That won't work better than anything else not listed in /etc/shells.
On my system:
[[joe@delilah themes]]$ cat /etc/shells
So, my FTP users (assuming I ever used FTP or allowed FTP access) could have any of those shells--and no others. If I add another shell to the system I need to add it to the list in /etc/shells.
<i>i'm pretty sure proftp works, it works for my main web site</i>
This almost certainly means you had given the user a shell that is not in /etc/shells.
<i>the reason, i created a new user is because the subdomain is for my brother, and i want him to login only to the subdomain and not to my main site</i>
Give him his own domain, not a subdomain. It can still be named subdomain.domain.tld...but it won't share any data or access. This is what you want to happen. When you create a domain owned by another domain, the goal is to share data. What the domain names are is irrelevant. In other words, you're chasing the wrong problem. ;-)
Nonetheless, it's worth addressing the one you have run into...I strongly suspect getting the shell right will fix the problem (but it will still give your brother different access than you want).
<i>also, i understand the security advantages of sftp, but it's too slow in my mind, i think the speed advantage outweighs the security risk for me</i>
There should be no noticeable speed difference between FTP over SSH and FTP on any hardware less than ten years old. In fact, SSH-based protocols can be faster in some circumstances because they support compression while traditional FTP does not. If you are seeing FTP seem faster than an SSH based session, your system has configuration problems, probably related to DNS. (Initial login is slightly slower, due to negotiation of keys, but it's not terribly noticeable by humans).
Check out the forum guidelines!
ahhh, hehe, thanks
i get it now, cool, i just created a new virtual server for him with the subdomain.domain.com url
btw, the sftp speed issue is not on the server side i don't think
i think it's my client