530 login incorrect accessing FTP server

Remote users cannot access the Solaris 8 FTP server.   In FileZilla client they see
< 220 blade150 FTP server (SunOS 5.8) ready
> USER xyz
< 331 Password required for xyz.
> PASS (hidden)
< 530 Login incorrect
530 Login incorrect
Connection closed.

I already checked the following:
a) there is a /etc/ftpusers file and it does not contain user xyz
b) in /etc/inetd.conf there is a line
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
c) there is /usr/sbin/in.ftpd file
d) user xyz can ssh into the server

Francois KoutchoukCTOAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

it could be that there is a firewall resetting the session.

Can you try from the server it self to

ftp 0

and see if user can login and transfer files
Brian UtterbackPrinciple Software EngineerCommented:
The session isn't being reset, the session authentication is failing. Do you know what the password
for the user is? Have you tried doing the login manually instead of via filezilla? You said you used ssh to login, is that with keys or giving the password? Also, check the /etc/pam.conf file for problems.
Francois KoutchoukCTOAuthor Commented:
omarfarid:  ftp 0 fails for two users that I have passwords for.  After entering the password I get
530 Login incorrect

blu: yes I know the passwords.  ssh is with a password (same one).  There is no "ftp" string in /etc/pam.conf

Additional:  the server is only accessed from a local network (or VPN), so I do not need complicated security.  Username/password is enough.   So any solution that will permit that is ok with me!
Brian UtterbackPrinciple Software EngineerCommented:
Did you try making the FTP connection without filezilla?

Okay, two ideas spring to mind. First, SSH does not come with Solaris 8, so it seems likely that it might very well be authenticating in a manner different form FTP. In the pam.conf file, ftp usually uses the "other" lines. Is you pam.conf modified in any way?

Another idea is that the ftp daemon might be set up to do a chroot call and the chroot environment is not set up correctly.

A sure fire method to figure out what is happening is to use truss on the inetd daemon just as you try to login with FTP. The problem with this is that you get a lot of data and there is no easy way to tell you how to interpret it.

So, on the server, log in as root. Find the pid of the inetd process and then run this command

truss -faled -o /tmp/inet.truss -p pidofinetd

Then immediately after starting this command, try to login with FTP from another system. As soon as you get the login incorrect message, use control c on the truss command.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Francois KoutchoukCTOAuthor Commented:
I rebooted my system... and restored my pam.conf.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.