I have Ubuntu 10.4LTS server running for more than 1 year without problems.
On this server I have Pure-FTP-MySQL installed (pure-ftpd-common pure-ftpd-mysql) with explicit TLS and self-signed certificate. Works perfectly!
Starting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -A -p 10900:11999 -E -Y 2 -D -8 UTF-8 -u 1000 -O clf:/var/log/pure-ftpd/transfer.log -H -b -B
Now, from few days ago none of the users can login:
Status: Resolving address of ftp.myserver.net
Status: Connecting to 10.10.10.133:21...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 19:46. Server port: 21.
Response: 220-This is a private system - No anonymous login
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: AUTH TLS
Response: 234 AUTH TLS OK.
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER test
Status: TLS/SSL connection established.
Response: 331 User test OK. Password required
Command: PASS ******
Response: 530 Login authentication failed
Error: Critical error
Error: Could not connect to server
I haven't changed anything!
All what has been happening in the neighborhood was a test of new firewall, which I removed after testing and put old firewall back. All old settings preserved, actually nothing was changed.
- removed pure-ftpd-mysql and pure-ftpd-common (preserved settings), and installed back, but NO AVAIL
- removed SSL cert and created new one, but NO AVAIL
- changed /etc/pure-ftpd/conf/TLS from 2 to 1 to allow also non-TLS connections...but still NO AVAIL (same error as above)
- bypassed firewall and tested from local LAN IP, with or without TLS, but NO AVAIL
Always the same message in /var/log/messages :
Apr 4 19:41:42 ftp pure-ftpd: (?@10.10.10.125) [INFO] New connection from 10.10.10.125
Apr 4 19:41:42 ftp pure-ftpd: (?@10.10.10.125) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with DHE-RSA-AES128-SHA, 128 secret bits cipher
Apr 4 19:41:44 ftp pure-ftpd: (?@10.10.10.125) [INFO] PAM_RHOST enabled. Getting the peer address
Apr 4 19:41:50 ftp pure-ftpd: (?@10.10.10.125) [WARNING] Authentication failed for user [test]
Apr 4 19:41:50 ftp pure-ftpd: (?@10.10.10.125) [INFO] Logout.
I do not understand.
This is not Windows self-breaking OS, but stable Linux box.