FTP (not anonymous) logins fail

Michael D. Harlan mike at harlanonline.org
Fri Apr 2 11:52:34 PST 2004

I have FreeBSD 5.2.1-RELEASE-p3 installed on my system.  For testing
purposes, I have been temporarily suspending my ipfw firewall, then
reenabling it when I take a break from testing.  I have enabled ftp (IPV4
only) in inetd.conf.

FTP connections and authentication from the localhost to itself always
work.  FTP connections made from the outside work, but authentication
always fails.  The user in question has tcsh as his shell, which is listed
in /etc/shells.  The user is NOT listed in /etc/ftpusers.  I have not
changed anything in PAM (which I still don't understand how to configure

The full path of the user's home directory is accessible to them.

I have not done anything with groups.  Does a user have to be in a magic 
"ftpusers" group in order to authenticate from the outside?

My question for the group is: What else do I need to do to enable FTP
logins for normal users (i.e., I don't want anonymous FTP) out-of-the-box?  
I could install ProFTP, but would like to try to use the default FTPd that
comes with FreeBSD.

I suspect that PAM is the reason why my authentications from the outside
always fail, but authentications from localhost always succeed.  Is PAM
out-of-the-box set to deny all outside FTP connections?  If so, what
modifications to /etc/pam.d/ftpd do I need to make to allow FTP
authentication from the outside to work?  But, if you suspect something
other than PAM, don't let me send you down the wrong path...

Many thanks to anyone that can offer help.  I've spent 4 days on this and 
combed google and the archives of this listserv for the answer, but have 
come up empty.


More information about the freebsd-questions mailing list