Bug #8039
proftp logs pam errors
Description
NOTE: This bug is similar to solved bug #7392[[https://bugs.freenas.org/issues/7392]]
proftp logs the following error for every successful authentication:
Jan 15 02:41:02 xxx proftpd: authentication failure; logname=root uid=0 euid=0 tty=/dev/ftpd55968 ruser=cam rhost=xx.xx.x.xx user=cam
Jan 15 02:41:02 xxx proftpd: received for user cam: 13 (unknown user)
Jan 15 02:41:02 xxx proftpd: Access denied for user cam: 13 (unknown user)
at the same time when:
proftpd5313: 127.0.0.1 (192.168.2.24[192.168.2.24]) - FTP session opened.
nas proftpd5313: 127.0.0.1 (192.168.2.24[192.168.2.24]) - USER xxxxx: Login successful.
nas proftpd5313: 127.0.0.1 (192.168.2.24[192.168.2.24]) - FTP session closed.
I'm using openldap for authentication, however this error is logged for ldap as well as /etc/passwd users.
History
#1
Updated by Jordan Hubbard almost 6 years ago
Updated by Jordan Hubbard - Category set to OS
- Assignee set to Suraj Ravichandran
- Target version set to Unspecified
- Seen in changed from to
#2
Updated by Suraj Ravichandran almost 6 years ago
Updated by Suraj Ravichandran - Status changed from Unscreened to Screened
#3
Updated by Suraj Ravichandran almost 6 years ago
- Status changed from Screened to Unscreened
- Assignee changed from Suraj Ravichandran to William Grzybowski
William I assign this to you per jkh's request to clear myself of any impending 9.3 bugs that I decide should be included in TN-release on the 12th.
I have been asked to shift all and every resource of mine to freenas10.
Thanks.
(this message may be repeated in other bug comments).
#4
Updated by William Grzybowski almost 6 years ago
Updated by William Grzybowski - Status changed from Unscreened to Screened
#5
Updated by William Grzybowski almost 6 years ago
It seems like it is first trying the local users, spitting out the error and then retrying with pam_sss.
#6
Updated by William Grzybowski almost 6 years ago
- Status changed from Screened to Closed: Cannot reproduce
I cannot reproduce your issue.
My openldap login works successfully and does not report any failed attempt:
Mar 5 11:39:36 freenas sshd14350: authentication success; logname=root uid=0 euid=0 tty= ruser= rhost=192.168.3.5 user=vi
Mar 5 11:39:36 freenas sshd14350: Accepted password for vi from 192.168.3.5 port 35722 ssh2
Mar 5 11:40:21 freenas proftpd: authentication success; logname=root uid=0 euid=0 tty=/dev/ftpd14361 ruser=vi rhost=192.168.3.5 user=vi
Mar 5 11:40:47 freenas sshd14352: Received disconnect from 192.168.3.5: 11: disconnected by user
Mar 5 11:40:54 freenas proftpd: authentication success; logname=root uid=0 euid=0 tty=/dev/ftpd14371 ruser=vi rhost=192.168.3.5 user=vi
#7
Updated by Paul de Reus almost 6 years ago
Updated by Paul de Reus Thank for looking into this William. I have checked as well in the last updateFreeBSD 9.3-RELEASE-p10 #0 r275790+a21079f
I still get the error, but they are nowhere in the logs. Instead the nightly 'Security Run output' emails contain the Mar 6 00:26:02 xxx proftpd: authentication failure; logname=root uid=0 euid=0 tty=/dev/ftpd79969 ruser=securitycam rhost=rhost user=cam
Hope this helps,
Paul
#8
Updated by Paul de Reus almost 6 years ago
William, can you look at this one again?
The errors are logged in the highly 'Security Run output' emails
#9
Updated by Kris Moore over 3 years ago
- Target version changed from Unspecified to N/A