I just installed Redhat 7.2. So it by default installed wu-ftpd ftp server. but its not allowing to connect thru ftp with any existing users in the system. It simple says " Must perform authentication before identifying USER" but anonymous ftp is working....does anyone have solution for this !!!

do yourself a favor and remove wu-ftp and install proftp, there are exploits with wuftp that would allow hackers to take over your system. if you do a search on these forums Im sure you will find many people saying the same thing.

Originally posted by jahsh
do yourself a favor and remove wu-ftp and install proftp, there are exploits with wuftp that would allow hackers to take over your system. if you do a search on these forums Im sure you will find many people saying the same thing.

Are you aware of any current/unpatched exploits in Wu_FTP? If not, that is about as misleading a statement as you can make. Similar to saying "get rid of VBulletin. It has exploits...etc" VBulletin DID have exploits, they've been patched. WuFTP DID have exploits. They've been patched. Unless you know of some current ones, it would be better to say something like... "Make sure your version of WuFTP is current, as there were security holes in versions before x.xx"

Also, that answer did very little to answer the original poster's question.

Originally posted by raj4800
I just installed Redhat 7.2. So it by default installed wu-ftpd ftp server. but its not allowing to connect thru ftp with any existing users in the system. It simple says " Must perform authentication before identifying USER" but anonymous ftp is working....does anyone have solution for this !!!

I don't believe the problem is specific to wu_ftp, but rather the authentication mechanism you are using. (probably Kerberos) If you switch that to PAM, it would probably work. :)

Originally posted by elsmore1


Are you aware of any current/unpatched exploits in Wu_FTP? If not, that is about as misleading a statement as you can make. Similar to saying "get rid of VBulletin. It has exploits...etc" VBulletin DID have exploits, they've been patched. WuFTP DID have exploits. They've been patched. Unless you know of some current ones, it would be better to say something like... "Make sure your version of WuFTP is current, as there were security holes in versions before x.xx"

Also, that answer did very little to answer the original poster's question.
thanks for pointing that out, i see you were in such a hurry to post something negative about my post you forgot to even answer the question:rolleyes:

Originally posted by jahsh

thanks for pointing that out, i see you were in such a hurry to post something negative about my post you forgot to even answer the question:rolleyes:

Maybe if you scrolled just a little bit, you would have seen an answer to the original question in the next post in the thread. (posted by me.)

Anything else I can do for you?

i already saw that, to bad you forgot to add it to your original post which was to flame me. or even use the edit option to not make yourself look as dumb. there is absolutely nothing you can do for me thanks though.

Sorry you are taking it so hard. :) Perhaps after you recover you can try offering advice again.

Note: There is less chance of getting "flamed" (or feeling like you were) if you offer correct and accurate information pertinent to the subject at hand.

Originally posted by jahsh
i already saw that, to bad you forgot to add it to your original post which was to flame me. or even use the edit option to not make yourself look as dumb. there is absolutely nothing you can do for me thanks though.

I uninstalled the wu-ftp and installed the proftpd but still no result....and again I removed proftpd and installed wu-ftpd...but getting the same error " Must perform authentication before identifying USER" when trying FTP....does anyone have solution for this....I checked the /etc/pam.d/ftp it has

###########
p#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_shells.so
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
###########
I think this file ok...

Same problem - this is what worked for wu-ftpd

The default wu-ftpd for redhat will work is you add your passwords back in.

# passwd fish

However I had the passwords in a data base so I just wrote script (which I can't seem to find)

get name password from database
system("echo password | passwd --stdin name")

Don't ask me to explain it - 7.3 does not have wu-ftpd source code with it.

anyway... I reinstalled the Redhat 7.2 now that problem has been solved !!!

Thanks guys for your suggestions ...have a nice day...