vsftp - why does this not work

Thu, 28 Aug 2003 15:44:19 +0000 

I'm trying to configure VSFTP to only ftp for one user + anonymous... but
I can still ftp and logon from any userid in /etc/passwd.

Heres my config...can anyone see where I'm going wrong ?



-------------------
more  vsftpd.user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers
# for users that are denied.
testuser
-------------------

-----------
vsftpd.conf
cat vsftpd.conf | grep -v "#"

anonymous_enable=YES
local_enable=YES
userlist_deny=NO

write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES

pam_service_name=vsftpd
-------------

--------------
 more vsftpd
#%PAM-1.0
auth       required     /lib/security/pam_listfile.so item=user sense=deny
file=/etc/vsftpd.ftpusers onerr=succeed
auth       required     /lib/security/pam_stack.so service=system-auth.2
auth       required     /lib/security/pam_shells.so
account    required     /lib/security/pam_stack.so service=system-auth.2
session    required     /lib/security/pam_stack.so service=system-auth.2
-------------------
--------------------
 cat system-auth.2 | grep -v "#"
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so
account     [default=bad success=ok user_unknown=ignore service_err=ignore
system_err=ignore] /lib/security/pam_ldap.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
shadow
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so



-- 
http://www.seekitzone.com
http://www.e-securenetworks.net
http://www.shopper-holic.com
http://www.planet247.net
http://www.auction-holic.com


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list

Reply via email to