• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved How to create FTP user outside of webspaces

CoyoteKG

CoyoteKG

Regular Pleskian
Hi,
I have directory /var/backup/server15
And I wan't to create FTP user to access only to this directory.

useradd -m -d /var/backup/server15 user15
usermod -s /bin/false user15
passwd user15

and now when I execute
# getent passwd user15
I'm getting this
user15:x:10003:10003::/var/backup/server15:/bin/false

But can't login in /var/log/secure log I'm getting this
Code: 
Jul 13 17:08:03 bkpsrv proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 13 17:08:03 bkpsrv proftpd: pam_unix(proftpd:session): session opened for user user15 by (uid=0)
Jul 13 17:08:03 bkpsrv proftpd: pam_unix(proftpd:session): session closed for user user15

Do I need to configure /etc/proftpd.conf somehow?
There I can see only this directory
<Directory /var/www/vhosts>
GroupOwner psacln
</Directory>
 
Please, try to go to Home > Domains > example.com > FTP Access > FTP users and make sure that field Access to server over SSH is set to any available shell, for example /bin/bash , but not to Forbidden
 
Hi,

The user is created only in OS., not in Plesk.
I tried the commands on my test system and have no troubles.

Jul 14 10:29:52 mytest useradd[22962]: new group: name=aytest, GID=10008
Jul 14 10:29:52 mytest useradd[22962]: new user: name=aytest, UID=10008, GID=10008, home=/var/backup/server15, shell=/bin/bash
Jul 14 10:29:58 mytest usermod[22967]: change user 'aytest' shell from '/bin/bash' to '/bin/false'
Jul 14 10:30:11 mytest passwd: pam_unix(passwd:chauthtok): password changed for aytest
Jul 14 10:30:44 mytest proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 14 10:30:45 mytest proftpd: pam_unix(proftpd:session): session opened for user aytest by (uid=0)
Jul 14 10:30:45 mytest proftpd[23001]: 0.0.0.0 (pri.va.te.ip[pri.va.te.ip]) - USER aytest: Login successful.
Jul 14 10:34:58 mytest proftpd: pam_unix(proftpd:session): session closed for user aytest

Could you check logs from FTP-client?
 
Hi, thx for answer.
Like AYamshanov said, I created user in OS, because I need to access outside of /var/www/vhost/ directory.

I'm getting this error like my password is not correct, but I'm sure that I'm typing correct user and password. I changed password few times, to try without special characters, but nothing better

Code: 
11:52:08    Status:    Disconnected from server
11:52:08    Status:    Resolving address of bkpsrv.xxxxx.com
11:52:08    Status:    Connecting to xx.xx.xxx.xxx:21...
11:52:08    Status:    Connection established, waiting for welcome message...
11:52:08    Status:    Initializing TLS...
11:52:08    Status:    Verifying certificate...
11:52:08    Status:    TLS connection established.
11:52:08    Command:    USER user15
11:52:08    Response:    331 Password required for user15
11:52:08    Command:    PASS *********
11:52:08    Response:    530 Login incorrect.
11:52:08    Error:    Critical error: Could not connect to server
 
Did you try to connect without TLS? But anyway I can connect with TLS too.

- Try to change the shell to bash and connect via SSH to console; next step is to connect via FTP.
- Try to increment debug level and re-check server' log.
 
I changed to bash, and I'm able to log in via SFTP (SSH on port 22)
After that I log out and tried to log in to FTP, but same error.

Did you changed on your test server something in proftpd.conf?
Do I need to specify this directory /var/backup/server15 ?
 
No, it was not solution :/
in logs I see

Jul 14 13:46:40 bkpsrv.xxx.xxx xinetd[22925]: START: ftp pid=22927 from=::ffff:xx.xxx.xx.xxx
Jul 14 13:46:40 bkpsrv.xxx.xxx proftpd[22927]: processing configuration directory '/etc/proftpd.d'
Jul 14 13:46:40 bkpsrv.xxx.xxx proftpd[22927]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - FTP session opened.
Jul 14 13:46:40 bkpsrv.xxx.xxx proftpd[22927]: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 14 13:46:40 bkpsrv.xxx.xxx xinetd[22925]: EXIT: ftp status=0 pid=22927 duration=0(sec)
Jul 14 13:51:53 bkpsrv proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jul 14 13:51:53 bkpsrv proftpd: pam_unix(proftpd:session): session opened for user user15 by (uid=0)
Jul 14 13:51:53 bkpsrv proftpd: pam_unix(proftpd:session): session closed for user user15
In both logs I found that problem with file ftpusers.
I created it, and there is no error about that file, but still can't log in.

and this is permission of home directory. I tried also with changing group to psacln, and 777,
drwx------ 2 user15 user15 4096 Jul 14 13:41 server15/


Attached is my proftpd.conf file. Can you please compare it with your?
And also ziped proftpd.d folder

Thanks in advance


edit:
In this log I see that is some problem with permissions,
Jul 14 14:16:47 bkpsrv xinetd[22925]: START: ftp pid=23520 from=::ffff:xx.xxx.xx.xxx
Jul 14 14:16:47 bkpsrv proftpd[23520]: processing configuration directory '/etc/proftpd.d'
Jul 14 14:16:47 bkpsrv proftpd[23520]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - FTP session opened.
Jul 14 14:16:47 bkpsrv systemd: Created slice user-10003.slice.
Jul 14 14:16:47 bkpsrv systemd: Starting user-10003.slice.
Jul 14 14:16:47 bkpsrv systemd-logind: New session c32 of user user15.
Jul 14 14:16:47 bkpsrv systemd: Started Session c32 of user user15.
Jul 14 14:16:47 bkpsrv systemd: Starting Session c32 of user user15.
Jul 14 14:16:47 bkpsrv proftpd[23520]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - user15 chdir("/var/backup/server15") failed: Permission denied
Jul 14 14:16:47 bkpsrv proftpd[23520]: 0.0.0.0 (xx.xxx.xx.xxx[xx.xxx.xx.xxx]) - FTP session closed.
Jul 14 14:16:47 bkpsrv xinetd[22925]: EXIT: ftp status=0 pid=23520 duration=0(sec)
Jul 14 14:16:47 bkpsrv systemd-logind: Removed session c32.
Jul 14 14:16:47 bkpsrv systemd: Removed slice user-10003.slice.
Jul 14 14:16:47 bkpsrv systemd: Stopping user-10003.slice.

but like I mentioned already
and this is permission of home directory. I tried also with changing group to psacln, and 777,
drwx------ 2 user15 user15 4096 Jul 14 13:41 server15/
Click to expand...
 

Attachments

  • proftpd.conf.txt
    2.7 KB · Views: 15
  • proftpd.d.zip
    642 bytes · Views: 8
Last edited:
I figured it...
Totally noob mistake :/
Permissions of a parent /var/backup was 700. I changed it to 755 and now it works.

Also, to chroot user to /var/backup/server15 I needed to add to proftpd.conf
DefaultRoot /var/backup/server15 user15
 
You must log in or register to reply here.

Similar threads

T
Issue Explicit FTP over TLS: Initializing TLS... TLS/TLS-C negotiation failed on control channel
Replies
3
Views
3K
mow
M
UnS3eN
Issue No FTP (proFTP) access after 17.8.11 upgrade
Replies
4
Views
3K
UnS3eN
UnS3eN
Christoph Farnleitner
File owner in subscription is unequal to sys user (actual file owner-name is set to a FTP-user name)
Replies
2
Views
1K
Christoph Farnleitner
Christoph Farnleitner
Noam Harel
Issue FTP suddenly change password
Replies
3
Views
1K
UFHH01
U
M
Issue FTP login not possible for one domain
Replies
1
Views
1K
UFHH01
U
Back
Top