I recently set up a new Ubuntu 12.04 server, and as part of the setup installed vsftp. I used an identical setup to a similar server, but for some reason, I kept getting an authentication error attempting to login as a local user.
After a lot of troubleshooting, I finally isolated the problem to the PAM script for vsftpd, found in /etc/pam.d/vsftpd:
#Standard behaviour for ftpd(8).
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth required pam_shells.so
The problems were in the first and last “auth required” lines. I had to comment out both to get vsftpd to work. Either one by itself didn’t fix the problem.
The last called out a module that wasn’t found on my system. Not sure how it got there, but its purpose is to prevent ftp logins from users not having a shell. Commenting it out removed the error that got logged to auth.log, but didn’t fix the problem.
The first “auth required” line refers to the /etc/ftpusers file, which despite its name is a list of users who shouldn’t be allowed to ftp. Even though the users I tried weren’t listed, I still got authorization denied. Commenting out this line fixed the problem, but right now it’s a mystery why there was a problem in the first place. This should work. It works fine on the other Ubuntu 12 losartan dosage.04 server. But at least I can do ftp.
If you happen to know what caused the problem, I’d sure appreciate it if you’d drop a comment below.