ubspress
asked on
take a long time to login to vsftp server
Hi all,
I'm using FC7 with vsftp.
A big problem is when user login to my server, after they enter a password, they need to wait a very long time to login. I disabled SELinux but still same.
After login, everything works fine.
Any one have idea that can let user immidiate login after they enter password?
Thanks a lot!!
I'm using FC7 with vsftp.
A big problem is when user login to my server, after they enter a password, they need to wait a very long time to login. I disabled SELinux but still same.
After login, everything works fine.
Any one have idea that can let user immidiate login after they enter password?
Thanks a lot!!
try adding:
UserReverseDNS off
To vsftpd.conf
reference:
https://www.experts-exchange.com/questions/22795404/how-turn-off-the-dns-reverse-lookup-in-vsftpd.html
UserReverseDNS off
To vsftpd.conf
reference:
https://www.experts-exchange.com/questions/22795404/how-turn-off-the-dns-reverse-lookup-in-vsftpd.html
ASKER
After i add UserReverseDNS off to vsftpd.conf, I can not start vsftpd. seems UserReverseDNS off is not an option of vsftpd....
The problem still not solved...
The problem still not solved...
my mistake
try without the "r"
UseReverseDNS off
try without the "r"
UseReverseDNS off
in fact, please use these two:
UseReverseDNS off
IdentLookups off
UseReverseDNS off
IdentLookups off
this FAQ say it can have something to do with PAM on some platforms... please check it
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.3/FAQ
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.3/FAQ
ASKER
Both "UseReverseDNS off" and "IdentLookups off" can not work.
The vsftpd can not start with error code 500. OOPS: unrecognised variable in config file.
My user can login, but need to wait a very long time to wait for the login.
Problem still not solved...
The vsftpd can not start with error code 500. OOPS: unrecognised variable in config file.
My user can login, but need to wait a very long time to wait for the login.
Problem still not solved...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
pretty bad I picked up these options from a google search on vsftpd.conf
but from the man page
15.5.1. Daemon Options
# listen_ipv6 When enabled, vsftpd runs in stand-alone mode, but listens only to IPv6 sockets. This directive cannot be used in conjunction with the listen directive.
The default value is NO.
# session_support When enabled, vsftpd attempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM). Refer to Chapter 16 Pluggable Authentication Modules (PAM) for more information. If session logging is not necessary, disabling this option allows vsftpd to run with less processes and lower privileges.
The default value is YES. <-------- CHANGE TO NO AND TEST
it is also advisable to check if your server's dns can resolve reverse dns from your client
but from the man page
15.5.1. Daemon Options
# listen_ipv6 When enabled, vsftpd runs in stand-alone mode, but listens only to IPv6 sockets. This directive cannot be used in conjunction with the listen directive.
The default value is NO.
# session_support When enabled, vsftpd attempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM). Refer to Chapter 16 Pluggable Authentication Modules (PAM) for more information. If session logging is not necessary, disabling this option allows vsftpd to run with less processes and lower privileges.
The default value is YES. <-------- CHANGE TO NO AND TEST
it is also advisable to check if your server's dns can resolve reverse dns from your client
ASKER
problem solved.
the problem arised due to DNS. I did not set the nat out on my firewall.
so either I remove my pri/sec dns or add a nat out and should work..
thanks for everyone contribution
the problem arised due to DNS. I did not set the nat out on my firewall.
so either I remove my pri/sec dns or add a nat out and should work..
thanks for everyone contribution
#20757645 should have started the path leading to DNS problems, but was not followed up onto on EE.
The problem will still not be resolved for some parts of the world this way.
The problem will still not be resolved for some parts of the world this way.
If an ident call is done by the server to the client (not exactly needed or useful) it might add to the network setup time.
the ftp server setup is probably to blame.
if you do want logging with machine names check the DNS config so that it resolves
the reverse also.