A noob question but I can’t login through FTP when I use an FTP account. Here’s what I have. I created a server with domain example.com, password 1234. Then I went to Edit Users > Add FTP only account. I made an account test@example.com, password 7890.
Now, I can login through FTP using these settings:
Host: example.com
Port: 22
User: example
Password: 1234
But I can’t login with these settings:
Host: example.com
Port: 22
User: test or test@example.com
Password: 7890
I get an error “Connection has been unexpectedly closed”. What am I doing wrong?
hi @Vipul.K ftp is very old and insecure way to connect however ftp uses port 21 SSH uses port 22 hence correct your connection and it should works if your FTP server was set up correctly
In Webmin check the log files for /var/log/message or /var/log/secure
by default erros are reported to System log, and I did see some come up there when I got a bad login at /var/log/secure. https://doxfer.webmin.com/Webmin/System_Logs
Well the fact it accepting password, sounds like it not a authentication issue. Maybe go to protfd forums and search for solutions there. I use Centos and it works fine.
Steve
Edit: I’m not able to register there. Do you or someone else have an account there and let them know about this bug? The captcha doesn’t show up and it gives me an error about that. There’s no contact form or info.
If you’re using Firefox with strict security this could be the reason. Try disabling the “Enhanced Tracking Protection” (from the addressbar) or reduce its level (from the settings page).
I think I’ve found the reason. The test account does not have SSH access. (First row is the main user of the server, second row is test@example.com)
And SCP uses SSH so it makes sense if it’d give an error. There is no option in Virtualmin (that I can find) to select FTP and SSH login access so how do I do this?
If I use SFTP, Port 22 I get an error “Cannot initialize SFTP protocol. Is the host running an SFTP server?”
If SSH access is not possible/recommended, how would I enable SFTP on my setup?
I don’t recall ever coming across that option in Virtualmin. You may have to add the user to the SSH group, which would be by editing /etc/ssh/sshd_config to add an AllowUsers entry in CentOS. I have no idea how in Ubuntu.
There’s nothing terribly wrong with allowing SSH. Allowing password authentication is problematic; but even that can be done fairly safely if SSH is on a non-standard port AND strict rules regarding port-scanning and login failures are implemented at the firewall.
But don’t do the one unless you’re also willing to do the other. Using a non-standard port by itself isn’t very useful. You have to make it virtually impossible for a miscreant to stumble across the port and brute-force the password before getting locked out.
It helps if you set up login failure lockouts for all the commonly-abused service ports, including (and especially) services that don’t even exist on your server. For example, I always set up LFD to monitor 3389 (Windows RDP) on Linux servers just because it’s a popular target. If a miscreant or bot gets locked out of a non-existent service port, then I don’t have to worry about them accessing one that’s in use.
I do have fail2ban and other measures to protect the system but that’s not the topic of concern here. I first need the FTP to work. Right now it seems like virtualmin itself prevents ftp accounts from accessing the ftp services. Its not practical to edit config file everytime a user is created. Especially when user is created by a client who’s not a technical person and does not have permissions to edit config file.
I beleive I’m missing some configuration that is preventing access.
Where do I say I want to use FTP protocols? Are you a bot responding by keywords? I want to use SCP or SFTP. Even if I say FTP, I don’t mean the unsecure port 21 version. Because “who uses FTP those days?” If you can’t help kindly refrain from posting anything.
Well… the title of your post was " FTP not working for any server except root;" so I think one could be forgiven for thinking that you wanted to use FTP. I mean, if I complained that the corner store had no vanilla ice cream, one might reasonably conclude that I wanted vanilla ice cream, no?
So we all assumed, rightly so, that you were in fact trying to use FTP. You’ve flip flopped back and forth over what you were doing from post to post. That’s why people asked you why you’re even messing with FTP to begin with.
