# cannot ftp



## hirohitosan (Feb 3, 2009)

Hi there. I installed pure-ftpd and I cannot connect.

```
ftp localhost
Trying 127.0.0.1...
Connected to localhost.
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 16:08. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
Name (localhost:user):
331 User user OK. Password required
Password:
421 Service not available, remote server has closed connection.
ftp: Login failed.
```
what is wrong?
The user name is correct the passw is correct and simply cannot connect.

thanks


----------



## DutchDaemon (Feb 3, 2009)

Is the username in /etc/ftpusers?


----------



## hirohitosan (Feb 3, 2009)

DutchDaemon said:
			
		

> Is the username in /etc/ftpusers?


nope :r.
I added and restart 
	
	



```
/usr/local/etc/rc.d/pure-ftpd restart
```
 but still not connection. Do I need to restart something else too?


----------



## DutchDaemon (Feb 3, 2009)

Is there a logfile, like /var/log/xferlog?


----------



## hirohitosan (Feb 3, 2009)

yes 
	
	



```
cat xferlog 
Feb  3 13:11:39 ns newsyslog[371]: logfile first created
Feb  3 15:52:19 ns pure-ftpd: (?@?) [ERROR] Unable to find the 'ftp' account
Feb  3 15:52:34 ns pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
Feb  3 15:52:42 ns pure-ftpd: (?@127.0.0.1) [ERROR] Unable to read the indexed puredb file (or old format detected) - Try pure-pw mkdb
```


----------



## DutchDaemon (Feb 3, 2009)

hirohitosan said:
			
		

> nope :r.
> I added



No, don't add it. The file /etc/ftpusers contains the usernames that are *not* allowed to connect through ftp.


----------



## DutchDaemon (Feb 3, 2009)

hirohitosan said:
			
		

> yes
> 
> 
> 
> ...



Well, I don't know anything about the internals of pure-ftpd. It appears to need a local 'ftp' user (maybe to facilitate anonymous logins?), and it appears to miss some kind of index. I'd suggest tracking down a FAQ or reading the [font="Fixedsys"]man[/font] file to find out what pure-ftpd needs in order to run. Always look at your logfile after making changes and work from there.


----------



## hirohitosan (Feb 4, 2009)

I still don't understand. I found a way to import users with system-level accounts (defined in /etc/master.passwd)
	
	



```
# pure-pwconvert >> /usr/local/etc/pureftpd.passwd
# chmod 600 /usr/local/etc/pureftpd.passwd
# pure-pw mkdb
```
, but this import only regular users. Does not import users in the wheel group

And if we're here, I have another question about users. When I installed the system I created: user1 member of wheel group to can su. Is the same if I create user1 member of user1 group and put user1 in wheel member group?


----------



## DutchDaemon (Feb 4, 2009)

I'll have to refer you to a FAQ/man page for pure-ftpd; I simply do not know it. All I can see is that it appears to need a system user called 'ftp', just like BIND needs a user 'bind' and Sendmail needs a user 'smmsp' and 'mailnull'. Like most system users, it needs no shell (shell 'nologin').

As far as the second question goes: in FreeBSD every user is in its own group by default. So user1 will always have a matching group user1 in /etc/groups. To be able to su, user1 needs to be added to the group wheel in /etc/groups. So in /etc/groups, user1 will look like:


```
wheel:*:0:root,user1
user1:*:1001:
```

If you need user1 and user2 in wheel:


```
wheel:*:0:root,user1,user2
user1:*:1001:
user2:*:1002:
```

Etc.


----------



## hirohitosan (Feb 4, 2009)

DutchDaemon said:
			
		

> As far as the second question goes: in FreeBSD every user is in its own group by default. So user1 will always have a matching group user1 in /etc/groups. To be able to su, user1 needs to be added to the group wheel in /etc/groups. So in /etc/groups, user1 will look like:[/code]


thanks DutchDaemon. But in my case in different. Look what I have in /etc/group
	
	



```
cat /etc/group
# $FreeBSD: src/etc/group,v 1.35.6.1 2008/11/25 02:59:29 kensmith Exp $
#
wheel:*:0:root
daemon:*:1:
kmem:*:2:
sys:*:3:
tty:*:4:
operator:*:5:root
mail:*:6:
bin:*:7:
news:*:8:
man:*:9:
games:*:13:
ftp:*:14:
staff:*:20:
sshd:*:22:
smmsp:*:25:
mailnull:*:26:
guest:*:31:
bind:*:53:
proxy:*:62:
authpf:*:63:
_pflogd:*:64:
_dhcp:*:65:
uucp:*:66:
dialer:*:68:
network:*:69:
audit:*:77:
www:*:80:
nogroup:*:65533:
nobody:*:65534:
adi:*:7778:
```
I have a user "adi" member of "adi" group. Whit this user pure-ftpd works
I have another user "user" member of "wheel", and with that "user" pure doesn't work. As you can see there is no "user" group in /etc/group, even I have "user" like user 
sorry ... maybe I'm a little confusing, but I don't know how to explain better. 
With user "user" member of "wheel" I do all administration tasks.


----------



## DutchDaemon (Feb 4, 2009)

Then the question is: how did you create the account for "user". If you do it using 'adduser', the group will be created automatically. I can't tell whether pure-ftpd will or will not accept a user that doesn't have a matching group. You could test by adding a new user with 'adduser' and trying if it can use FTP or not. Then you can add that user to the wheel group too, and test FTP again. BTW, I've never seen an FTP login fail because a user is a member of group 'wheel'. I don't know whether a user that doesn't belong to any group (either his own group, or a collective group like 'users') would be refused in any way.


----------



## hirohitosan (Feb 4, 2009)

DutchDaemon said:
			
		

> Then the question is: how did you create the account for "user".


well, at the installation using sysinstall. As you can see I left empty at the "member groups". 
And it's true. I use ftpd started by inetd and all system user was enable to connect. This issue appear just with pure-ftpd. Maybe this is the way it goes with pure-ftpd. My thought is to create a new group named "user" and where user "user" will be member.


----------



## DutchDaemon (Feb 4, 2009)

Ah, you made a tiny mistake there: you should have left 'Group' empty (it will then default to creating a group with the same name as the account). The 'Member groups' is the place where you should have put 'wheel'.


----------



## hirohitosan (Feb 5, 2009)

Thanks. I created a new user with the same group name and member of wheel and now I can connect with ftp ... 
at this moment I can consider this thread SOLVED. Thanks again.


----------

