# ProFTPD in 8.2 gives incorrect password



## Aknot (Jan 26, 2012)

Dear forum!

I've put up a small PC-server for over three years ago. The version of FreeBSD was 6.2 I think. Last week, the hard drive gave up. Now I'm installing a new one with FAMP and ProFTPD. No matter what I try, I can't get ProFTPD to work again, in the new install (8.2 with CVSUP ports tree). It's a really simple setup. No changes made to proftpd.conf. I even tried to disable PAM-support. It's always telling me that I'm using an incorrect password.

I'm really stuck, and afraid I've got a brain freeze or something.

Any hints or clues would be much appreciated.


----------



## SirDice (Jan 27, 2012)

Can you post your proftpd.conf?


----------



## ericmacmini (Jan 27, 2012)

You could also create a extended log, by adding following line to your conf file. Afterwards restart the deamon of course.


```
ExtendedLog /var/log/ftpdebug.log AUTH
```


----------



## Aknot (Jan 27, 2012)

Thanks for your replies!

This is what I got right now:


```
ServerName                      "LBCB FTP"
ServerType                      standalone
DefaultServer                   on
ScoreboardFile                  /var/run/proftpd/proftpd.scoreboard
AuthPAM                         off
UseReverseDNS                   off
IdentLookups                    off
ExtendedLog                     /var/log/ftpdebug.log AUTH
Port                            21
Umask                           022
MaxInstances                    30
CommandBufferSize               512
User                            nobody
Group                           nogroup
DefaultRoot ~
AllowOverwrite                  on
<IfModule mod_auth_pam.c>
AuthPAM off
</IfModule>
```


```
/var/log/ftpdebug.log
192.168.1.67 UNKNOWN nobody [27/Jan/2012:19:13:33 +0100] "USER alldo" 331 -

/var/log/auth.log
(192.168.1.67[192.168.1.67]) - USER alldo (Login failed): Incorrect password.
```


----------



## ericmacmini (Jan 27, 2012)

Does your /etc/passwd contain an entry for nobody ?


----------



## Aknot (Jan 27, 2012)

Yes it does:


```
nogroup:*:65533:
nobody:*:65534:
```

Should the users be put in special group?
Didn't do that on the old server.

They where jailed to their home directory automatically.


----------



## Aknot (Jan 27, 2012)

I have been using FreeBSD successfully for many years. I think this is the first time I'm asking for help =) Maybe I'm to old for this now


----------



## ericmacmini (Jan 27, 2012)

Have you already checked the Authentication hints in the ProFTPD documentation?


----------



## Aknot (Jan 27, 2012)

Now I have 

The log says:


```
/var/log/ftpdebug.log
192.168.1.67 UNKNOWN nobody [27/Jan/2012:19:13:33 +0100] "USER alldo" 331 -
```

The file /etc/ftpusers that prevents these users from logging into the FTP-service, is listing the user "nobody". I do not know why the log also states name and or user "nobody"?

All of this beats me.

Is there an easier FTP-server software available that you recommend instead?


----------



## SirDice (Jan 27, 2012)

```
User                            nobody
```

This causes _every_ user to be treated as the user nobody regardless of what they use to login.


----------



## Aknot (Jan 27, 2012)

Going to try 9.0 instead - have no more ideas to try right now.
Big thanks for your help and time guys.


----------



## SirDice (Jan 27, 2012)

Alldo said:
			
		

> Going to try 9.0 instead


That's not going to do you any good. The error in in your proftpd.conf. Just remove that User line.


----------



## Aknot (Jan 30, 2012)

That didn't do the trick either 
I'm totally out of ideas right now.

Any other clues?


----------



## Socket (May 26, 2012)

*nologin issue*

Hi all,

I don't know if you fixed your problem but the solution might be to add /usr/sbin/nologin to your /etc/shells if, of course, the ftp user has its shell set to nologin (or replace nologin by whatever shell it uses).

Cheers.


----------



## JamesElstone (Feb 9, 2022)

Very late on this one, but I had the same problem.

Found that the defaults of proftpd changed over time, and I had to set 
	
	



```
RequireValidShell off
```
 in /usr/local/etc/proftpd.conf

The system users created with the shell set to /usr/sbin/nologin fails the proftpd authentication tests even if the password is correct, and says nothing about it in the logs.


----------

