vsftpd - virtual users and PAM problems

[rb6freak]

I've exhausted setting up virtual users on vsftpd for 3 days now. I've tried numerous setups and all have failed for virtual users. Any help is greatly appreciated.

I’ve tried multiple configuration changes. I can get local users to login without any problems, but when I attempt to login with a virtual user I get these errors:

[root@me ~]# tail -4 /var/log/secure
Mar 25 16:37:54 me sshd[9378]: Invalid user testuser1 from ::ffff:192.168.1.80
Mar 25 16:37:54 me sshd[9379]: input_userauth_request: invalid user testuser1
Mar 25 16:37:56 me sshd[9378]: Failed password for invalid user testuser1 from ::ffff:192.168.1.80 port 2040 ssh2
Mar 25 16:38:03 me sshd[9379]: fatal: Read from socket failed: Connection reset by peer

[root@me ~]# tail -2 /var/log/messages
Mar 25 16:37:54 me sshd(pam_unix)[9378]: check pass; user unknown
Mar 25 16:37:54 me sshd(pam_unix)[9378]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=laptop.me.dom

I've loaded my login file (vsftpd_login) with these methods on different attempts:
db_load -T -t hash -f logins.txt /etc/vsftpd/vsftpd_login.db
db_load2 -T -t hash -f logins.txt /etc/vsftpd/vsftpd_login.db
db_load33 -T -t hash -f logins.txt /etc/vsftpd/vsftpd_login.db
db_load41 -T -t hash -f logins.txt /etc/vsftpd/vsftpd_login.db

Is there something wrong with PAM? If I can’t find the problem shortly my next attempt will be to to apply updates to RH which I really don’t want to do.

I have included a list of my machine setup and configuration below:

[root@me ~]# uname -msrv
Linux 2.6.9-55.EL #1 Fri Apr 20 16:35:59 EDT 2007 i686

[root@me ~]# rpm -ql pam | grep pam_userdb.so
/lib/security/pam_userdb.so

[root@me ~]# rpm -qa | grep -i db
rpmdb-redhat-4-0.20070421
nss_db-2.2-29
unixODBC-2.2.11-1.RHEL4.1
dbus-glib-0.22-12.EL.9
perl-DBI-1.40-8
compat-db-4.1.25-9
dbus-x11-0.22-12.EL.9
db4-utils-4.2.52-7.1
gdbm-devel-1.8.0-24
dbus-devel-0.22-12.EL.9
gpg-pubkey-db42a60e-37ea5438
gdbm-1.8.0-24
db4-4.2.52-7.1
dbus-0.22-12.EL.9
dbus-python-0.22-12.EL.9
db4-devel-4.2.52-7.1
gdb-6.3.0.0-1.143.el4
libdbi-0.6.5-10.RHEL4.1
unixODBC-kde-2.2.11-1.RHEL4.1

[root@me ~]# rpm -ql compat-db
/lib/libdb-3.3.so
/lib/libdb-4.1.so
/lib/libdb2.so.3
/usr/bin/berkeley_db33_svc
/usr/bin/berkeley_db41_svc
/usr/bin/db1_dump185
/usr/bin/db2_archive
/usr/bin/db2_checkpoint
/usr/bin/db2_deadlock
/usr/bin/db2_dump
/usr/bin/db2_load
/usr/bin/db2_printlog
/usr/bin/db2_recover
/usr/bin/db2_stat
/usr/bin/db33_archive
/usr/bin/db33_checkpoint
/usr/bin/db33_deadlock
/usr/bin/db33_dump
/usr/bin/db33_load
/usr/bin/db33_printlog
/usr/bin/db33_recover
/usr/bin/db33_stat
/usr/bin/db33_upgrade
/usr/bin/db33_verify
/usr/bin/db41_archive
/usr/bin/db41_checkpoint
/usr/bin/db41_deadlock
/usr/bin/db41_dump
/usr/bin/db41_load
/usr/bin/db41_printlog
/usr/bin/db41_recover
/usr/bin/db41_stat
/usr/bin/db41_upgrade
/usr/bin/db41_verify
/usr/lib/libdb.so.2
/usr/lib/libdb1.so.2
/usr/share/doc/compat-db-4.1.25
/usr/share/doc/compat-db-4.1.25/db-2
/usr/share/doc/compat-db-4.1.25/db-2/LICENSE
/usr/share/doc/compat-db-4.1.25/db-2/README
/usr/share/doc/compat-db-4.1.25/db-3.3.11
/usr/share/doc/compat-db-4.1.25/db-3.3.11/LICENSE
/usr/share/doc/compat-db-4.1.25/db-3.3.11/README

[root@me ~]# cat /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
guest_enable=YES
guest_username=virtual
listen=YES
pam_service_name=vsftpd
user_sub_token=$USER
local_root=/home/virtual/$USER

[root@me ~]# cat /etc/pam.d/vsftpd
auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

[root@me vsftpd]# strings /etc/vsftpd/vsftpd_login.db
testpass1
testuser1

[rb6freak]

Grrr,

I was connecting with SFTP client vs FTP. That was my problem. My next question is how to disable SFTP. I will research that one and post an answer if I can find one,