This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

ftp user can't access

9 posts / 0 new

Topic locked

Last post

#1 Mon, 01/28/2008 - 04:21

Maurizio1230

ftp user can't access

Hi all,

I had an ftp user on Edit Mail and FTP Users section with these details (Name: name@domain.com, Ftp login enabled: yes)

When I login via ftp I insert calum.domain for the username like I can see in the datails after ftp user creation (POP3/FTP login name.domain) but i can't login.

I have 3.48.gpl

Thank you very much ;)

#2 Mon, 01/28/2008 - 10:15

Joe

Check the shell of the user, and see if that shell is listed in /etc/shells. /bin/false, I believe, is the default shell for FTP+Mail users in Virtualmin...but if it's not listed in /etc/shells, the FTP server will refuse the login.

--

Check out the forum guidelines!

#3 Mon, 01/28/2008 - 10:15 (Reply to #2)

Joe

And, of course, if that's not the problem, we need to see something from the logs! /var/log/secure is probably where this one will show up.

--

Check out the forum guidelines!

#4 Tue, 01/29/2008 - 04:34 (Reply to #3)

Maurizio1230

<b>Joe wrote:</b>
<div class='quote'>Check the shell of the user, and see if that shell is listed in /etc/shells. /bin/false, I believe, is the default shell for FTP+Mail users in Virtualmin...but if it's not listed in /etc/shells, the FTP server will refuse the login.</div>

This is the file and i don't see /bin/false. What can I do?
<div class='quote'># /etc/shells: valid login shells
/bin/ash
/bin/csh
/bin/sh
/usr/bin/es
/usr/bin/ksh
/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/zsh
/bin/sash
/bin/zsh
/usr/bin/esh
/bin/dash
/usr/bin/screen
/bin/bash
/bin/rbash
/usr/bin/scponly</div>

Thank you very much Joe ;)

#5 Tue, 01/29/2008 - 05:37 (Reply to #4)

DanLong

add the line /bin/false

#6 Tue, 01/29/2008 - 06:13 (Reply to #5)

Maurizio1230

it works. When i login with name.domain I see its home directory for email (home/site/homes/name) and i can see the /home/site/public_html too but <b>it's possible to see all directory of the server too in /</b>

It's quite dangerous :( How can I allow this user to see only /home/site ?

thanks dan

#7 Tue, 01/29/2008 - 06:22 (Reply to #6)

Joe

<div class='quote'>it's possible to see all directory of the server too in /

It's quite dangerous :( How can I allow this user to see only /home/site ?</div>

Why is that dangerous? You reckon in 35 years, UNIX hasn't figured out security pretty well? ;-)

But, you can enable chroot in the ProFTPd configuration, if you really think it's an issue. (In Webmin's ProFTPd module this option is labeled "Limit users to directories" in the Files and Directories page, and set it to "Home directory".)

--

Check out the forum guidelines!

#8 Tue, 01/29/2008 - 07:23 (Reply to #7)

Maurizio1230

I set up it to home directory and user groups to everyone but it doesn't work (I see the /)

It's dangerous because it's my personal website and if i want to give a new ftp access to a user, this user can view and edit all the server.

Thanks Joe

#9 Tue, 01/29/2008 - 07:28 (Reply to #8)

Maurizio1230

Sorry, it works: i don't remember to apply the current configuration by sending a SIGHUP signal to the running ProFTPD process with apply button.

Topic locked