FreeBSD FTP Server screwed


Ratman2
March 28th, 2002, 03:11 AM
Hey guys,
I just installed FreeBSD on a spare box I have here and have a problem....my FTP server won't let anybody in although I can log in via SSH....the FTP server was working then it just started rejecting logins with login incorrect messages...what's up?

iNViCTuS
March 28th, 2002, 08:44 PM
Which user are you trying to log in as?

Vorlin
March 28th, 2002, 09:01 PM
First, you want to check to see if the service is running on the machine. Normally, with tcp-wrappers installed, it'll look like in.ftpd in /etc/services and the ports (20 for data, 21 for transfer) are declared in /etc/inetd.conf (something I don't know if updated BSD uses, like Redhat uses xinetd now). Then make sure /etc/ftpusers doesn't have the account you're ftping in as listed (like root). Nobody will be able to log in if their name is in /etc/ftpusers.

Note: this is related mostly for RH linux structures but the similarities between the two should carry over.

iNViCTuS
March 28th, 2002, 10:38 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=223088#post484530) by Vorlin
Then make sure /etc/ftpusers doesn't have the account you're ftping in as listed (like root). Nobody will be able to log in if their name is in /etc/ftpusers.

;) Thanx Vorlin....that is exactly what I was getting at when I asked who he was trying to log in as...just didn't feel like explaining it...

Ratman2
March 28th, 2002, 11:22 PM
ok...fixed it...problem was I was trying to START ftpd as root but run it with limited rights. I set that line in inetd.conf to nobody...after that nobody could log in to the server....how do I not have FTPD running as root?

Vorlin
March 28th, 2002, 11:25 PM
Because if someone compromised your ftp daemon with a buffer overflow (those are most prevalent to get into a system remotely), then they'd have a root shell and could do whatever they want. Just like apache it seems, most major services are turning over to user nobody after initial launch so that it's a limited account started by root but not run *as* root. Better security that way. The user nobody usually has no shell (/bin/false usually), is locked, etc...
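
Added example, not part of the original thread: a small Python check for the two causes of "login incorrect" raised above, an account listed in /etc/ftpusers and an inetd.conf ftp line whose user field is not root. The file contents are constructed samples and the function names are illustrative; the field order assumed is the standard inetd.conf layout (service, socket type, protocol, wait/nowait, user, program, arguments).

```python
# Constructed samples; on a real host read /etc/inetd.conf and /etc/ftpusers.
SAMPLE_INETD_CONF = """\
#telnet stream  tcp     nowait  root    /usr/libexec/telnetd    telnetd
ftp     stream  tcp     nowait  nobody  /usr/libexec/ftpd       ftpd -l
"""
SAMPLE_FTPUSERS = """\
# accounts listed here are refused FTP logins
root
toor
daemon
"""

def ftp_service_user(inetd_conf):
    """Account inetd starts the ftp service as, or None if it is not enabled."""
    for line in inetd_conf.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or commented-out service
        if fields[0] == "ftp" and len(fields) >= 6:
            # the user field may carry ":group" or "/class" suffixes
            return fields[4].split(":")[0].split("/")[0]
    return None

def denied_users(ftpusers):
    """Set of account names listed in an ftpusers file."""
    names = set()
    for line in ftpusers.splitlines():
        entry = line.split("#", 1)[0].strip()
        if entry:
            names.add(entry.split()[0])
    return names

def diagnose(login, inetd_conf, ftpusers):
    """Return the reasons an FTP login for `login` would be rejected."""
    findings = []
    svc_user = ftp_service_user(inetd_conf)
    if svc_user is None:
        findings.append("ftp service is not enabled in inetd.conf")
    elif svc_user != "root":
        # A non-root ftpd cannot read the password hashes or switch to
        # the uid of the user logging in, so every login fails.
        findings.append(f"ftpd is started as '{svc_user}', not root")
    if login in denied_users(ftpusers):
        findings.append(f"'{login}' is listed in /etc/ftpusers")
    return findings

if __name__ == "__main__":
    for who in ("ratman", "root"):  # constructed login names
        print(who, diagnose(who, SAMPLE_INETD_CONF, SAMPLE_FTPUSERS))
```

With the sample data, an ordinary account gets one finding (the service user) and root gets two; with the ftp line set back to root, the ordinary account gets none.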