FTP Server Problem "530 Login incorrect"

Hi
I have been having the exact same problem on my Xserve.
Help is urgently required.

I did a bit of fiddling around with that myself some time ago,
I'm not exactly sure but you might want to try this:

Select the username in WGM, click the advanded tab, and change the users shell to "None", in my case I used "/sbin/nologin", and FTP worked. Methinks this has something to do with security, you do not want any clear-text passwords (as in FTP) that has a shell-account attatched to it.

Thanks. I am having the exact same problem and it's killing me.

I tried this suggestion, but no luck. I even tried setting up anonymous log-in and it generates the same error.

HELP!

Hmm, seems I was wrong, enabling shell for usernames does not disable ftp-login after I did a test here. Sorry if I'm making more confusion than there was at the start 😉

Anyway I do definetly remember having these problems, maybe you should check the sharepoints, if you have set the "Authentecated users see" to include any sharepoints in serveradmin (ftp->advanced) check that FTP access is enabled to the sharepoints. (WGM->Sharing->Select a sharepoint, then click protocols tab, and select FTP Settings from the menu). Make sure FTP access is enabled.

I have tried very hard to "break it" again, but to no avail... :-P have you checked that the FTP root-folder is set correctly? Renaming that to some non-existent folder is the only way I can get my servers to give me a 530 Login incorrect (even when I'm using the right password).

DOH! Now I change FTP Root back to the right folder, and it's impossible to log in now.. go figure.

Will post if I can find a cure..

Edit: It seems that serveradmin has reset my FTP-config to default, all the cusom values except the banners where back to default suddenly. Dragging a working backup of FTP Config.plist-file back in serveradmin did not help.

The log file presented in Server Admin under FTP only shows transfers, not login attempts etc, to see that use Console.app (in /Applications/Utilities) or the terminal (tail -f /var/log/system.log)

here's the log output when I try to connect with a quadruple-checked, completely valid username/password:

/var/log/asl.log:
\[Time 2007.10.11 17:08:21 UTC\] \[Facility daemon\] \[Sender ftpd\] \[PID 23743\] \[Message ACCESS DENIED (not in any class) TO g5.myhostname.com \[10.0.0.20\]\] \[Level 5\] \[UID -2\] \[GID -2\] \[Host g5\]
\[Time 2007.10.11 17:08:21 UTC\] \[Facility daemon\] \[Sender ftpd\] \[PID 23743\] \[Message FTP LOGIN REFUSED (access denied) FROM g5.myhostname.com \[10.0.0.20\], ftp-username\] \[Level 5\] \[UID -2\] \[GID -2\] \[Host g5\]

and in /var/log/system.log:
Oct 11 19:08:21 g5 ftpd\[23743\]: ACCESS DENIED (not in any class) TO g5.myhostname.com \[10.0.0.20\]
Oct 11 19:08:21 g5 ftpd\[23743\]: FTP LOGIN REFUSED (access denied) FROM g5.myhostname.com \[10.0.0.20\], ftp-username

Repairing disk permissions with Disk Utility did not help (although it corrected permissions in /Library/FTPServer).

Yeah. I found the disc permissions problems with Disc Utility and thought I had it fixed as well, but no change.

I'm running out of ideas and my clients are running out of patience. ;-(

Nikitin Andrew wrote:
Oct 11 21:41:14 _ ftpd[5825]: FTP LOGIN REFUSED (*bad shell* or username in /Library/FTPServer/Configuration/ftpusers) FROM ___, max
in this file not have users and i add his in file but FTP not worked

I checked /Library/FTPServer/Configuration/ftpusers and it did not contain any of the usernames I had working with FTP just a few days ago, before it broke again. So I don't think that file really is used anymore (can anyone elighten us here?)

Another post about this suggested checking /etc/shells:

g5:~ root# cat /etc/shells
# List of acceptable shells for chpass(1).
# *Ftpd will not allow users to connect who are not using*
# *one of these shells.*
#/bin/bash
#/bin/csh
#/bin/ksh
#/bin/sh
#/bin/tcsh
#/bin/zsh
/dev/null

I understand this as if the user's shell in Workgroup Manager->advanced->shell is not set to /dev/null the FTP server will refuse login for that user. Your file may not look exactly the same, I have uncommented some shells (removing the #-sign in front). Check that your user has set a shell that do not have the #-sign in front of it in /etc/shells.

Just do a "sudo pico /etc/shells" in terminal, if you haven't used pico, see [http://www.savyon.com/ellen/pico.htm] for a quick introduction. Uncomment (remove the #-sign in front) /dev/null, adding it to the file if nessecary.

A small warning: *FTP is not secure* (plaintext passwords), therefore you should not use accounts for FTP that can be accessed by any other service on your server, if someone gets a hold of a FTP password that has a shell account attatched, with no firewalling at the server, it is a big security concern. I reccomend using /dev/null as a shell for FTP-users.

Hope this helps, but I'm quite confused myself here...

Message was edited by: Nils Ellingsen

I was having the same issues with FTP on my Xserve.

Do the following in terminal as root user:
1) serveradmin stop ftp
2) cd /Library/FTPServer/Configuration
3) mv ftpaccess to your Desktop.
4) cp ftpaccess.default ftpaccess
5) serveradmin start ftp

This replaces the ftpaccess file with a fresh clean one without any corruptions. It worked for me!

Thanks for the tip!
It didn't work on my server, probably because I have found out that my problem seems to be a little different from the original poster, which problems are rejected logins with a "bad shell" message in system.log.

If I look at system.log in console.app during a ftp-login attempt something strange occurs, when asked for a username, it instantly borks the login before it asks for the password (I type the username and hit enter, that's it). Here's the log entry:

Oct 18 23:44:40 g5 ftpd\[26404\]: ACCESS DENIED (not in any class) TO g5.mydomain.no \[10.0.0.20\]
Oct 18 23:44:40 g5 ftpd[\26404\]: FTP LOGIN REFUSED (access denied) FROM g5.mydomain.no \[10.0.0.20\], transfer

And I have yet to type in the password in the client (/usr/bin/ftp in terminal, tried others too).

My server is set to allow acces for any users for all services in serveradmin, so I'm kinda clueless about why this is happening.

The thing that caused my problems was doing this (I don't recommend anyone to test this in a production enviroment ;-)):
I changed FTPRoot in serveradmin->ftp to a invalid path, restarted ftp, obviously could not log in via ftp, changed the path back to the right one, and restarted ftp. Now ftp is completely broken.
I'm about to diff all the config-files against my production-server, but that's a big job.. :-/