Users with /bin/false shell to login on vsftpd

With default configuration of vsftp (vsftpd.conf under /etc) users with no shell or /bin/false shell are not able to login vsftpd ftp server. This is because vsftpd.conf includes such a line to enable pam module.

pam_service_name=vsftpd

This line points to which pam service name will be applied. Pam configuration related to vsftpd is  then  /etc/pam.d/vsftpd .

This pam file contains a file such as:

auth   required        pam_shells.so

 
This means basically only the users who have valid shells will be authenticated. Setting the shell to  /bin/false of a user simply means that this user will not be able to login the system via vsftpd. (ftp service). 

To enable users with no valid shell to login the ftp server, commenting out this line in /etc/pam.d/vsftpd file will be sufficient.

 





You must be login first or sign-up for an account to post comments.