Return to Level1Techs.com

Filezilla FTP - 530 Login Incorrect [solved]

So I am trying to get ProFTPD configured on me Virtual Private Server, tried to login with FileZilla and I get the Response: 530 Login incorrect. error. I have allowed it on the firewall on my VPS, followed every guide I possibly could find. Yes, I put my password in correctly, tried different users, and tinkering with the config files. Running Ubuntu 16.04 LTS. Anyone tries to say anything obvious, I will probably snap; trying to get my site back up and running so I don't fall behind on my writing.
Here is my config for Proftpd:

/etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.

To really apply changes, reload proftpd after modifications, if

it runs in daemon mode. It is not required in inetd/xinetd mode.

Includes DSO modules

Include /etc/proftpd/modules.conf

Set off to disable IPv6 support which is annoying on IPv4 only boxes.

UseIPv6 off

If set on you can experience a longer connection delay in many cases.

IdentLookups off
ServerName "abysstech.tech"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter *.*/

Use this to jail all users in their homes

DefaultRoot ~

Users require a valid shell listed in /etc/shells to login.

Use this directive to release that constrain.

RequireValidShell on

Port 21 is the standard FTP port.

Port 21

In some cases you have to specify passive ports range to by-pass

firewall limitations. Ephemeral ports can be used for that, but

feel free to use a more narrow range.

PassivePorts 49152 65534

If your host was NATted, this option is useful in order to

allow passive tranfers to work. You have to use your public

address and opening the passive ports used on your firewall as well.

MasqueradeAddress 1.2.3.4

This is useful for masquerading address with dynamic IPs:

refresh any configured MasqueradeAddress directives every 8 hours

DynMasqRefresh 28800

To prevent DoS attacks, set the maximum number of child processes

to 30. If you need to allow more than 30 concurrent connections

at once, simply increase this value. Note that this ONLY works

in standalone mode, in inetd mode you should use an inetd server

that allows you to limit maximum number of processes per service

(such as xinetd)

MaxInstances 30

Set the user and group that the server normally runs at.

‪#‎User‬ proftpd
‪#‎Group‬ nogroup

Umask 022 is a good standard umask to prevent new files and dirs

(second parm) from being group and world writable.

Umask 022 022

Normally, we want files to be overwriteable.

AllowOverwrite on

Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:

PersistentPasswd off

This is required to use both PAM-based authentication and local passwords

AuthOrder mod_auth_pam.c* mod_auth_unix.c

Be warned: use of this directive impacts CPU average load!

Uncomment this if you like to see progress and transfer rate with ftpwho

in downloads. That is not needed for uploads rates.

UseSendFile off

TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log

Logging onto /var/log/lastlog is enabled but set to off by default

‪#‎UseLastlog‬ on

In order to keep log file dates consistent after chroot, use timezone info

from /etc/localtime. If this is not set, and proftpd is configured to

chroot (e.g. DefaultRoot or ), it will use the non-daylight

savings timezone regardless of whether DST is in effect.

‪#‎SetEnv‬ TZ :/etc/localtime

QuotaEngine off


Ratios off

Delay engine reduces impact of the so-called Timing Attack described in

http://www.securityfocus.com/bid/11430/discuss

It is on by default.


DelayEngine on


ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock


AdminControlsEngine off

Alternative authentication frameworks

‪#‎Include‬ /etc/proftpd/ldap.conf

Include /etc/proftpd/sql.conf

This is used for FTPS connections

Include /etc/proftpd/tls.conf

Useful to keep VirtualHost/VirtualRoot directives separated

Include /etc/proftpd/virtuals.conf

A basic anonymous configuration, no upload directories.

User ftp

Group nogroup

# We want clients to be able to login with "anonymous" as well as "ftp"

UserAlias anonymous ftp

# Cosmetic changes, all files belongs to ftp user

DirFakeUser on ftp

DirFakeGroup on ftp

RequireValidShell off

# Limit the maximum number of anonymous logins

MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed

# in each newly chdired directory.

DisplayLogin welcome.msg

DisplayChdir .message

# Limit WRITE everywhere in the anonymous chroot

DenyAll

# Uncomment this if you're brave.

#

# # Umask 022 is a good standard umask to prevent new files and dirs

# # (second parm) from being group and world writable.

# Umask 022 022

#

# DenyAll

#

#

# AllowAll

#

#

Include other custom configuration files

Include /etc/proftpd/conf.d/
RootLogin on
UseFtpUsers off

RequireValidShell off
LoginPasswordPrompt on
RootLogin off

How about you put some work into your post, then maybe you'll get help.

1 Like

I'm sorry you're having trouble. I just had a similar frustrating episode these past two days with DHCP, PXEBOOT and some routers on my ISPs networks trying to be sneaky... I can't really help you with ProFTPD since I don't use it for FTP, but maybe you'd be willing to use SSH instead? I've always found it easier to use SSH and configure the SFTP protocol (instead of TFTP) with a user setup in Ubuntu. Setting up Filezilla after that is simple since you can either use PuttyAgent with keys or if you're brave, just the username and password for the user. There are plenty of official tutorials on getting this to work with SSH that make it easy, too. When I first set it up, I usually change the default port to 2222, 10022 or 12222 or something random to make it more difficult to find and hack. And then I just have to remember to open any firewalls on routers if I want web access.

Also, with every personal Ubuntu server I have setup, I've always had an SSH terminal ready to go, but I also always install Webmin to make it easier to access and change server settings. Just remember to open a port for Webmin in any firewalls since it uses port 10000 instead of port 80 or 443 for web access.

Sorry if that's not the help you wanted, but it might be worth it to check out SSH instead.

I'd recommend working through the formatting on your post as it is very hard to read. Suggest changing all the text formatted as a heading to standard text and use [code] tags when needed. This will likely enable more folks to try to help you out.

I'll try that, though I was able to get the problem sorted out. Just need to get wordpress to work..... I'll be deleting this post.