# vsftpd and virtual users file?

## DrekAlots

Me again, lots of questions to ask.

I installed vsftpd and followed the guide here: http://en.gentoo-wiki.com/wiki/Vsftpd

Towards the bottom it gives two options for authentication with pam. I followed the steps for the pam_pwdfile and it's not working. The issue I have is that it says my user doesn't exist:

The user john is specified in the file as directed and I cannot log in.

```

Jan 22 15:59:12 s_local@tuxserver sshd[8216]: Failed none for invalid user john from 97.101.49.115 port 47788 ssh2

Jan 22 15:59:15 s_local@tuxserver sshd[8216]: Failed password for invalid user john from 97.101.49.115 port 47788 ssh2

Jan 22 15:59:23 s_local@tuxserver sshd[8216]: Failed password for invalid user john from 97.101.49.115 port 47788 ssh2

Jan 22 15:59:24 s_local@tuxserver sshd[8216]: Failed password for invalid user john from 97.101.49.115 port 47788 ssh2

```

This is the vsftpd.conf file:

```

# Janaury 22, 2010

# SFTP daemon config

# SFTP Options

dirmessage_enable=YES

chown_uploads=NO

xferlog_enable=YES

idle_session_timeout=600

data_connection_timeout=120

ascii_upload_enable=NO

ascii_download_enable=NO

chroot_list_enable=YES

listen=YES

ls_recurse_enable=NO

anonymous_enable=NO

guest_enable=YES

anonymous_enable=YES

anon_upload_enable=NO

anon_mkdir_write_enable=NO

pam_service_name=vsftpd

```

----------

## DawgG

you are looking in the wrong place - sftp has nothing to do with vsftpd.

sftp is part of the ssh-package and what is sometimes referred to as ftps is "normal" ftp secured with ssl or tls.

if you look at the log you posted it's clearly sshd that's logging:

 *Quote:*   

> Jan 22 15:59:12 s_local@tuxserver sshd[8216]: Failed none for invalid user john from 97.101.49.115 port 47788 ssh2

 

if you want local users to be able to log in ie use ftp ususally you just use the option "allow local users to log in" or sth. in vsftpd.conf. i think you only need to change your pam-stuff if you want to use virtual users for ftp.

you also need to secure the ftp-connection with ssl or tls (i don't think it's optional since all auth-data is transmitted in cleartext if you don't use it) like described here: http://en.gentoo-wiki.com/wiki/Vsftpd#Using_SSL_to_Secure_FTP

for me using vsftpd with ssl/tls has never quite worked but i haven't tried recently so there is a good chance it will work for you (i use proftpd which i also like). you will also need an ssl/tls-enabled ftp-program to connect, i like lftp.

you could also use an ssh-tunnel to connect to your vsftpd but that will create (more) work in other places.

GOOD LUCK!

----------

## DrekAlots

Wow. Big oversite on my part. Thank you for pointing that.

I attempted this AM to connect via SFTP and got this error:

```

Request for subsystem 'sftp' failed on channel 0

Couldn't read packet: Connection reset by peer

```

I searched portage for an sftp-server package as I've seen that listed as a fix, found nothing. Is there a certain line in sshd_config that needs to be enabled?

As for the FTP with SSL/TLS issue, I was able to connect last night but couldn't do much more. I'll look at that more later. If I can get SFTP to work than I'm fine with plain FTP as well. I just need variant to be secured.

----------

## pianosaurus

 *DrekAlots wrote:*   

> Is there a certain line in sshd_config that needs to be enabled?

 

It should work out of the box. The default sshd_config has this in it:

```
# override default of no subsystems

Subsystem       sftp    /usr/lib64/misc/sftp-server
```

 *DrekAlots wrote:*   

> If I can get SFTP to work than I'm fine with plain FTP as well. I just need variant to be secured.

 

Do you mean if you can't? Also, plain FTP is not secured, as DawgG said. You can however set up Vsftpd to use SSL.

----------

