# [pure-ftpd]  not authenticating?

## philltx

I just installed and configured pureftpd to connect to mysql 

when i attempt to connect to the ftp server locally, i get the follow: 

etc # ftp localhost

Connected to localhost.

220---------- Welcome to Pure-FTPd [TLS] ----------

220-You are user number 1 of 50 allowed.

220-Local time is now 06:16. Server port: 21.

220 You will be disconnected after 15 minutes of inactivity.

Name (localhost:root): upload

500 This security scheme is not implemented

SSL not available

331 User upload OK. Password required

Password:

530 Authentication failed, sorry

Login failed.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> bye

221-Goodbye. You uploaded 0 and downloaded 0 kbytes.

221 Logout.

in my log files..  i noticed that i'm getting the message 

Sep 19 02:19:54 [pure-ftpd] (?@210.119.14.168) [INFO] New connection from 210.119.14.168

Sep 19 02:19:54 [pure-ftpd] (?@210.119.14.168) [INFO] Logout.

Sep 19 10:00:43 [pure-ftpd] (?@aorleans-251-1-62-166.w86-192.abo.wanadoo.fr) [INFO] New connection from aorleans-251-1-62-166.w86-192.abo.wanadoo.fr

Sep 19 10:00:43 [pure-ftpd] (?@aorleans-251-1-62-166.w86-192.abo.wanadoo.fr) [INFO] Logout.

~

Nov  1 04:48:30 [pure-ftpd] (?@10.200.39.204) [INFO] New connection from 10.200.39.204

Nov  1 04:48:30 [pure-ftpd] (?@10.200.39.204) [ERROR] Unable to set up secure anonymous FTP

v  1 05:30:51 [pure-ftpd] (?@10.200.39.204) [INFO] New connection from 10.200.39.204

Nov  1 05:30:51 [pure-ftpd] PAM-listfile: Couldn't open /etc/ftpusers

Nov  1 05:32:55 [pure-ftpd] (?@?) [ERROR] Unable to start a standalone server: [Illegal seek]

Nov  1 05:33:05 [pure-ftpd] (?@?) [ERROR] Unable to start a standalone server: [Illegal seek]

                - Last output repeated twice -

                Nov  1 05:33:54 [pure-ftpd] (?@10.200.39.204) [INFO] New connection from 10.200.39.204

                Nov  1 05:33:54 [pure-ftpd] PAM-listfile: Couldn't open /etc/ftpusers

                Nov  1 05:33:59 [pure-ftpd] (?@10.200.39.204) [INFO] New connection from 10.200.39.204

                Nov  1 05:33:59 [pure-ftpd] PAM-listfile: Couldn't open /etc/ftpusers

                Nov  1 05:37:03 [pure-ftpd] (?@localhost) [INFO] New connection from localhost

                Nov  1 05:37:09 [pure-ftpd] PAM-listfile: Couldn't open /etc/ftpusers

                Nov  1 05:37:40 [pure-ftpd] (?@localhost) [INFO] New connection from localhost

                Nov  1 05:37:44 [pure-ftpd] PAM-listfile: Couldn't open /etc/ftpusers

                ~

I checked ftpusers and noticed that there is no such directory. 

where do I go to point the /etc/ftpusers directive to /home/ftpusers, or should i just create /etc/ftpusers? 

also, how do check to see if its authenticating correctly?

----------

## philltx

i figured i should include that i followed these actions 

```
server ~ # groupadd -g 4400 ftpgroup

server ~ # adduser -u 4401 -d /home/ftpROOT -s /bin/false -g ftpgroup ftpread

server ~ # adduser -u 4402 -d /home/ftpROOT -s /bin/false -g ftpgroup ftpwrite

server ~ # mkdir /home/ftpROOT

server ~ # chown ftpwrite: /home/ftpROOT

server ~ # chmod 750 /home/ftpROOT
```

```
CREATE DATABASE ftp;

USE ftp;

CREATE TABLE users (

  User VARCHAR(64) BINARY NOT NULL,

  Password VARCHAR(256) BINARY NOT NULL,

  Uid INT(11) NOT NULL default '4401',

  Gid INT(11) NOT NULL default '4400',

  Dir VARCHAR(256) BINARY NOT NULL default '/home/ftpROOT',

  PRIMARY KEY  (User)

);

GRANT SELECT, INSERT, UPDATE ON ftp.* TO 'pure-ftp'@'localhost' IDENTIFIED BY 'P@$$w0rD!' ;

FLUSH PRIVILEGES;
```

and then here are the conf files: 

---> /etc/pureftpd-mysql.conf 

```

MYSQLSocket     /var/run/mysqld/mysqld.sock

#MYSQLServer     localhost

#MYSQLPort       3306

MYSQLUser       ftpduser

MYSQLPassword   P@zzw0rd!

MYSQLDatabase   pureftpd

MYSQLCrypt      cleartext

MYSQLGetPW      SELECT Password FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MYSQLGetUID     SELECT Uid FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MYSQLGetGID     SELECT Gid FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MYSQLGetDir     SELECT Dir FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetBandwidthUL SELECT ULBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetBandwidthDL SELECT DLBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetQTASZ   SELECT QuotaSize FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetQTAFS   SELECT QuotaFiles FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
```

---> /etc/conf.d/pure-ftpd 

```
MYSQLSocket     /var/run/mysqld/mysqld.sock

#MYSQLServer     localhost

#MYSQLPort       3306

MYSQLUser       ftpduser

MYSQLPassword   P@zzw0rd!

# Config file for /etc/init.d/pure-ftpd

##Comment variables out to disable its features, or change the values in it... ##

## This variable must be uncommented in order for the server to start ##

IS_CONFIGURED="yes"

## FTP Server,Port (separated by comma) ##

## If you prefer host names over IP addresses, it's your choice :

## SERVER="-S ftp.rtchat.com,21"

## IPv6 addresses are supported.

SERVER="-S 10.200.38.2,21"

## Number of simultaneous connections in total, and per ip ##

MAX_CONN="-c 30"

MAX_CONN_IP="-C 10"

## Start daemonized in background ##

DAEMON="-B"

## Don't allow uploads if the partition is more full then this var ##

DISK_FULL="-k 90%"

## If your FTP server is behind a NAT box, uncomment this ##

#USE_NAT="-N"

## Authentication (others are 'pam', ...)##

## Further infos in the README file.
```

----------

## philltx

so i just added the /etc/ftpusers folder 

and got the following 

 *Quote:*   

> Nov  1 06:32:08 [pure-ftpd] (?@localhost) [INFO] New connection from localhost
> 
> Nov  1 06:32:13 [pure-ftpd] PAM-listfile: Couldn't open /etc/ftpusers
> 
> Nov  1 06:33:43 [pure-ftpd] (?@localhost) [INFO] New connection from localhost
> ...

 

----------

## philltx

when i run netstat -tunlp, i get the following ..

 # netstat -tunlp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name

tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1282/mysqld

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1363/apache2

tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      26234/pure-ftpd (SE

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1351/sshd

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1363/apache2

so pure-ftpd is running

----------

## philltx

so i try changing the /etc/conf.d/pure-ftpd line 

```

AUTH="-l unix"
```

i attempt to log on from a remote machine using a local user i just created and get following error. 

 *Quote:*   

> Nov  2 04:26:06 [pure-ftpd] (?@10.200.39.204) [INFO] New connection from 10.200.39.204
> 
> Nov  2 04:26:06 [pure-ftpd] (?@10.200.39.204) [ERROR] Unable to set up secure anonymous FTP
> 
> Nov  2 04:26:27 [pure-ftpd] (?@10.200.39.204) [INFO] New connection from 10.200.39.204
> ...

 

----------

## Sub Zero

 *philltx wrote:*   

> so i try changing the /etc/conf.d/pure-ftpd line 
> 
> ```
> 
> AUTH="-l unix"
> ...

 

You should do this if you want the mysql auth

```
AUTH="-l unix -l mysql:/etc/pureftpd-mysql.conf"
```

Because, I suppose you don't have a system user that is called upload?

----------

## philltx

i thought the whole point of having the ftp server authenticate against mysql db is so you wouldn't have to create unix users locally on the server.  Do I really need to create both a mysql entry on the db and a unix user?

----------

