Hey Dave,
I think you misunderstood me on this one:
I said: Is the user’s shell listed in /etc/shells? It has to be for an FTP login to be allowed.
You said: i changed the shell to /etc/shells, and the ftp address to subdomain.mysite.com
Not quite what I had in mind.
The users shell (whatever it is) needs to be listed in the file /etc/shells. It can’t be /etc/shells. That won’t work better than anything else not listed in /etc/shells.
On my system:
[[joe@delilah themes]]$ cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/bin/ash
/bin/bsh
/bin/ksh
/usr/bin/ksh
/usr/bin/pdksh
/bin/tcsh
/bin/csh
/bin/false
/bin/ibsh
So, my FTP users (assuming I ever used FTP or allowed FTP access) could have any of those shells–and no others. If I add another shell to the system I need to add it to the list in /etc/shells.
i’m pretty sure proftp works, it works for my main web site
This almost certainly means you had given the user a shell that is not in /etc/shells.
the reason, i created a new user is because the subdomain is for my brother, and i want him to login only to the subdomain and not to my main site
Give him his own domain, not a subdomain. It can still be named subdomain.domain.tld…but it won’t share any data or access. This is what you want to happen. When you create a domain owned by another domain, the goal is to share data. What the domain names are is irrelevant. In other words, you’re chasing the wrong problem.
Nonetheless, it’s worth addressing the one you have run into…I strongly suspect getting the shell right will fix the problem (but it will still give your brother different access than you want).
also, i understand the security advantages of sftp, but it’s too slow in my mind, i think the speed advantage outweighs the security risk for me
There should be no noticeable speed difference between FTP over SSH and FTP on any hardware less than ten years old. In fact, SSH-based protocols can be faster in some circumstances because they support compression while traditional FTP does not. If you are seeing FTP seem faster than an SSH based session, your system has configuration problems, probably related to DNS. (Initial login is slightly slower, due to negotiation of keys, but it’s not terribly noticeable by humans).