• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved How to create FTP user outside of webspaces

CoyoteKG

CoyoteKG

Regular Pleskian
Hi,
I have directory /var/backup/server15
And I wan't to create FTP user to access only to this directory.

useradd -m -d /var/backup/server15 user15
usermod -s /bin/false user15
passwd user15

and now when I execute
# getent passwd user15
I'm getting this
user15:x:10003:10003::/var/backup/server15:/bin/false

But can't login in /var/log/secure log I'm getting this
Code: 
Jul 13 17:08:03 bkpsrv proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 13 17:08:03 bkpsrv proftpd: pam_unix(proftpd:session): session opened for user user15 by (uid=0)
Jul 13 17:08:03 bkpsrv proftpd: pam_unix(proftpd:session): session closed for user user15

Do I need to configure /etc/proftpd.conf somehow?
There I can see only this directory
<Directory /var/www/vhosts>
GroupOwner psacln
</Directory>
 
Please, try to go to Home > Domains > example.com > FTP Access > FTP users and make sure that field Access to server over SSH is set to any available shell, for example /bin/bash , but not to Forbidden
 
Hi,

The user is created only in OS., not in Plesk.
I tried the commands on my test system and have no troubles.

Jul 14 10:29:52 mytest useradd[22962]: new group: name=aytest, GID=10008
Jul 14 10:29:52 mytest useradd[22962]: new user: name=aytest, UID=10008, GID=10008, home=/var/backup/server15, shell=/bin/bash
Jul 14 10:29:58 mytest usermod[22967]: change user 'aytest' shell from '/bin/bash' to '/bin/false'
Jul 14 10:30:11 mytest passwd: pam_unix(passwd:chauthtok): password changed for aytest
Jul 14 10:30:44 mytest proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 14 10:30:45 mytest proftpd: pam_unix(proftpd:session): session opened for user aytest by (uid=0)
Jul 14 10:30:45 mytest proftpd[23001]: 0.0.0.0 (pri.va.te.ip[pri.va.te.ip]) - USER aytest: Login successful.
Jul 14 10:34:58 mytest proftpd: pam_unix(proftpd:session): session closed for user aytest

Could you check logs from FTP-client?
 
Hi, thx for answer.
Like AYamshanov said, I created user in OS, because I need to access outside of /var/www/vhost/ directory.

I'm getting this error like my password is not correct, but I'm sure that I'm typing correct user and password. I changed password few times, to try without special characters, but nothing better

Code: 
11:52:08    Status:    Disconnected from server
11:52:08    Status:    Resolving address of bkpsrv.xxxxx.com
11:52:08    Status:    Connecting to xx.xx.xxx.xxx:21...
11:52:08    Status:    Connection established, waiting for welcome message...
11:52:08    Status:    Initializing TLS...
11:52:08    Status:    Verifying certificate...
11:52:08    Status:    TLS connection established.
11:52:08    Command:    USER user15
11:52:08    Response:    331 Password required for user15
11:52:08    Command:    PASS *********
11:52:08    Response:    530 Login incorrect.
11:52:08    Error:    Critical error: Could not connect to server
 
Did you try to connect without TLS? But anyway I can connect with TLS too.

- Try to change the shell to bash and connect via SSH to console; next step is to connect via FTP.
- Try to increment debug level and re-check server' log.
 
I changed to bash, and I'm able to log in via SFTP (SSH on port 22)
After that I log out and tried to log in to FTP, but same error.

Did you changed on your test server something in proftpd.conf?
Do I need to specify this directory /var/backup/server15 ?
 
No, it was not solution :/
in logs I see

Jul 14 13:46:40 bkpsrv.xxx.xxx xinetd[22925]: START: ftp pid=22927 from=::ffff:xx.xxx.xx.xxx
Jul 14 13:46:40 bkpsrv.xxx.xxx proftpd[22927]: processing configuration directory '/etc/proftpd.d'
Jul 14 13:46:40 bkpsrv.xxx.xxx proftpd[22927]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - FTP session opened.
Jul 14 13:46:40 bkpsrv.xxx.xxx proftpd[22927]: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 14 13:46:40 bkpsrv.xxx.xxx xinetd[22925]: EXIT: ftp status=0 pid=22927 duration=0(sec)
Jul 14 13:51:53 bkpsrv proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 14 13:51:53 bkpsrv proftpd: pam_unix(proftpd:session): session opened for user user15 by (uid=0)
Jul 14 13:51:53 bkpsrv proftpd: pam_unix(proftpd:session): session closed for user user15
In both logs I found that problem with file ftpusers.
I created it, and there is no error about that file, but still can't log in.

and this is permission of home directory. I tried also with changing group to psacln, and 777,
drwx------ 2 user15 user15 4096 Jul 14 13:41 server15/


Attached is my proftpd.conf file. Can you please compare it with your?
And also ziped proftpd.d folder

Thanks in advance


edit:
In this log I see that is some problem with permissions,
Jul 14 14:16:47 bkpsrv xinetd[22925]: START: ftp pid=23520 from=::ffff:xx.xxx.xx.xxx
Jul 14 14:16:47 bkpsrv proftpd[23520]: processing configuration directory '/etc/proftpd.d'
Jul 14 14:16:47 bkpsrv proftpd[23520]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - FTP session opened.
Jul 14 14:16:47 bkpsrv systemd: Created slice user-10003.slice.
Jul 14 14:16:47 bkpsrv systemd: Starting user-10003.slice.
Jul 14 14:16:47 bkpsrv systemd-logind: New session c32 of user user15.
Jul 14 14:16:47 bkpsrv systemd: Started Session c32 of user user15.
Jul 14 14:16:47 bkpsrv systemd: Starting Session c32 of user user15.
Jul 14 14:16:47 bkpsrv proftpd[23520]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - user15 chdir("/var/backup/server15") failed: Permission denied
Jul 14 14:16:47 bkpsrv proftpd[23520]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - FTP session closed.
Jul 14 14:16:47 bkpsrv xinetd[22925]: EXIT: ftp status=0 pid=23520 duration=0(sec)
Jul 14 14:16:47 bkpsrv systemd-logind: Removed session c32.
Jul 14 14:16:47 bkpsrv systemd: Removed slice user-10003.slice.
Jul 14 14:16:47 bkpsrv systemd: Stopping user-10003.slice.

but like I mentioned already
and this is permission of home directory. I tried also with changing group to psacln, and 777,
drwx------ 2 user15 user15 4096 Jul 14 13:41 server15/
Click to expand...
 

Attachments

  • proftpd.conf.txt
    2.7 KB · Views: 15
  • proftpd.d.zip
    642 bytes · Views: 8
Last edited:
I figured it...
Totally noob mistake :/
Permissions of a parent /var/backup was 700. I changed it to 755 and now it works.

Also, to chroot user to /var/backup/server15 I needed to add to proftpd.conf
DefaultRoot /var/backup/server15 user15
 
You must log in or register to reply here.

Similar threads

T
Issue Explicit FTP over TLS: Initializing TLS... TLS/TLS-C negotiation failed on control channel
Replies
3
Views
3K
mow
M
UnS3eN
Issue No FTP (proFTP) access after 17.8.11 upgrade
Replies
4
Views
3K
UnS3eN
UnS3eN
Christoph Farnleitner
File owner in subscription is unequal to sys user (actual file owner-name is set to a FTP-user name)
Replies
2
Views
2K
Christoph Farnleitner
Christoph Farnleitner
Noam Harel
Issue FTP suddenly change password
Replies
3
Views
1K
UFHH01
U
M
Issue FTP login not possible for one domain
Replies
1
Views
2K
UFHH01
U
Back
Top