Boa noite, O Debian, por padrão, não permite que usuários sem shell e sem home acessem o sistema via FTP. Assim, é necessário modificar alguns parâmetros para liberar o acesso. Como o arquivo /etc/shells é conferido no momento do acesso, uma maneira seria adicionar a shell criada para o user, que normalmente é /bin/false. Uma outra maneira, é editar o arquivo /etc/pam.d/proftpd, e retirar a parte de validação da shell:
#auth required pam_shells.so Espero que ajude. On Wed, 7 Nov 2007 18:42:03 -0200 "LITLE TUX" <[EMAIL PROTECTED]> wrote: > Ola galera instalei o proftpd em micro aqui na empresa quando tento > logar com algum usuario da senha incorreta.... > > Ja alterei a senha do usuario no shell e nada.... ja estou pirando com > tantos problemas... é VPN é FTP .... to doido doido > > Seguem meu arquivo proftpd.conf > > # > # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file. > # To really apply changes reload proftpd after modifications. > # > > # Includes DSO modules > Include /etc/proftpd/modules.conf > > # Set off to disable IPv6 support which is annoying on IPv4 only boxes. > UseIPv6 on > > ServerName "IDOM BR - FTP SERVER" > ServerType standalone > ServerAdmin [EMAIL PROTECTED] > DeferWelcome on > SyslogFacility Auth > > MultilineRFC2228 on > DefaultServer on > ShowSymlinks on > ServerIdent on > > TimeoutNoTransfer 600 > TimeoutStalled 600 > TimeoutIdle 1200 > > DisplayLogin welcome.msg > DisplayFirstChdir .message > ListOptions "-l" > > DenyFilter \*.*/ > > # Port 21 is the standard FTP port. > Port 21 > DefaultRoot ~ > # In some cases you have to specify passive ports range to by-pass > # firewall limitations. Ephemeral ports can be used for that, but > # feel free to use a more narrow range. > # PassivePorts 49152 65534 > > # To prevent DoS attacks, set the maximum number of child processes > # to 30. If you need to allow more than 30 concurrent connections > # at once, simply increase this value. Note that this ONLY works > # in standalone mode, in inetd mode you should use an inetd server > # that allows you to limit maximum number of processes per service > # (such as xinetd) > MaxInstances 30 > > # Set the user and group that the server normally runs at. > User proftpd > Group nogroup > > # Umask 022 is a good standard umask to prevent new files and dirs > # (second parm) from being group and world writable. > Umask 022 022 > # Normally, we want files to be overwriteable. > AllowOverwrite on > > # Uncomment this if you are using NIS or LDAP to retrieve passwords: > # PersistentPasswd off > > # Be warned: use of this directive impacts CPU average load! > # > # Uncomment this if you like to see progress and transfer rate with ftpwho > # in downloads. That is not needed for uploads rates. > # UseSendFile off > > TransferLog /var/log/proftpd/xferlog > SystemLog /var/log/proftpd/proftpd.log > > <IfModule mod_tls.c> > TLSEngine off > </IfModule> > > <IfModule mod_quota.c> > QuotaEngine on > </IfModule> > > <IfModule mod_ratio.c> > Ratios on > </IfModule> > > > # Delay engine reduces impact of the so-called Timing Attack described in > # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 > # It is on by default. > <IfModule mod_delay.c> > DelayEngine on > </IfModule> > > <IfModule mod_ctrls.c> > ControlsEngine on > ControlsMaxClients 2 > ControlsLog /var/log/proftpd/controls.log > ControlsInterval 5 > ControlsSocket /var/run/proftpd/proftpd.sock > </IfModule> > > <IfModule mod_ctrls_admin.c> > AdminControlsEngine on > </IfModule> > > # A basic anonymous configuration, no upload directories. > > # <Anonymous ~ftp> > # User ftp > # Group nogroup > # # We want clients to be able to login with "anonymous" as well as "ftp" > # UserAlias anonymous ftp > # # Cosmetic changes, all files belongs to ftp user > # DirFakeUser on ftp > # DirFakeGroup on ftp > # > # RequireValidShell off > # > # # Limit the maximum number of anonymous logins > # MaxClients 10 > # > # # We want 'welcome.msg' displayed at login, and '.message' displayed > # # in each newly chdired directory. > # DisplayLogin welcome.msg > # DisplayFirstChdir .message > # > # # Limit WRITE everywhere in the anonymous chroot > # <Directory *> > # <Limit WRITE> > # DenyAll > # </Limit> > # </Directory> > # > # # Uncomment this if you're brave. > # # <Directory incoming> > # # # Umask 022 is a good standard umask to prevent new files and dirs > # # # (second parm) from being group and world writable. > # # Umask 022 022 > # # <Limit READ WRITE> > # # DenyAll > # # </Limit> > # # <Limit STOR> > # # AllowAll > # # </Limit> > # # </Directory> > # > # </Anonymous> > > Agradeço a todos > -- ------------------------------ Marcello Barreto de Medeiros Network Admin/Programmer +55 84 3231 4617 [Office] +55 84 9914 3254 [Mobile] [EMAIL PROTECTED] [MSN] Linconet Brasil ------------------------------