Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Updated to v66, problem with FTP

Discussion in 'General Discussion' started by MikeRichardson, Aug 23, 2017.

  1. MikeRichardson

    MikeRichardson Registered

    Joined:
    Aug 23, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Houston TX
    cPanel Access Level:
    Root Administrator
    Updated from v64 to v66.

    Using pure-FTPD, a stored FTP login no longer worked.

    Switching to pro-FTPD, the login worked.

    Switching back to pure-FTPD - login does not work.

    The server has 5 IPv4 addresses. The login does not work (but did in v64), when using the dedicated IP of the account (xx.xx.xx.93). I have to use the server shared IP (xx.xx.xx.90).

    Not sure if this is a bug or intentional behavior.
     
  2. Spork Schivago

    Spork Schivago Well-Known Member

    Joined:
    Jan 21, 2016
    Messages:
    514
    Likes Received:
    54
    Trophy Points:
    28
    Location:
    corning, ny
    cPanel Access Level:
    Root Administrator
    Hi!

    Are there any logs you could share or maybe provide a little more information? When you say pure-FTPD, login does not work....do you mean you get the login screen where it asks for a username / password, and when you type it in, it gives you an access denied message? Or do you mean you cannot even connect to the ftp server when using pure-FTPD?

    Thanks.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,371
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you let us know the output to /var/log/messages when authentication fails? Also, can you confirm if you are you using the short-form username (e.g. ftpuser1), or the long-form username (e.g. ftpuser1@domain.tld)? In order to use the short-form FTP username (with the exception of the cPanel account username), the account must be assigned a dedicated IP address, and you have to use that dedicated IP address (or a domain name resolving to it) as the host in your FTP client. I tested this on a server running cPanel version 66 and it worked as expected.

    Thank you.
     
  4. MikeRichardson

    MikeRichardson Registered

    Joined:
    Aug 23, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Houston TX
    cPanel Access Level:
    Root Administrator
    The exact error is, "530 Login authentication failed". I can always connect either way.

    I am using the cPanel account username. (which is just "network")

    The account uses the shared IP, but I have been logging into FTP for all these years, using a domain name that is actually on a dedicated IP. My guess is that the checking is a little more strict now in v66, but only when using pure-FTPD for some reason.

    It might still be a bug though. This case might be related:
    • Fixed case CPANEL-13096: Fix short-form authentication for PureFTPd and accounts w/ dedicated IP.
    To recap, the account that I am logging into is on the shared IP, but for years I have actually been using one of the dedicated IPs in my FTP client to log in.

    These are the credentials that worked until v66 (and still work, with pro-FTPD):
    • Server: xx.xx.xx.93 (dedicated IP of account "revenue")
    • Username: network (cPanel account username - uses shared IP xx.xx.xx.90)
    • Password: cPanel password
    As of v66, when using pure-FTPD I must use these credentials:
    • Server: xx.xx.xx.90 (shared IP)
    • Username: network (cPanel account username, uses shared IP)
    • Password: cPanel password
    Hopefully that clarifies it a bit. Let me know if this was intended or is some kind of regression. It had me a little worried, I thought maybe we'd been hacked or there was some kind of severe corruption since switching FTPD servers back and forth didn't clear it up. I would guess that having different behavior between the two servers is probably incorrect.
     
  5. MikeRichardson

    MikeRichardson Registered

    Joined:
    Aug 23, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Houston TX
    cPanel Access Level:
    Root Administrator
    Can't seem to edit posts. The initial post was a little confusing. Hopefully I clarified it with the second post.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,371
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The behavior you notice did change in cPanel version 66, however it is by-design. The case you referenced corrected the behavior so that authentication over the dedicated IP address is only possible for FTP accounts created under that dedicated IP address:

    Fixed case CPANEL-13096: Fix short-form authentication for PureFTPd and accounts w/ dedicated IP.

    This allows short-form authentication for virtual FTP accounts to work on accounts associated with the dedicated IP addresses. Here's a scenario where this is applicable:

    cpuser1 > domain1.tld > Assigned Shared IP
    cpuser2 > domain2.tld > Assigned Dedicated IP

    Let's say you access cPanel for "cpuser2", browse to "FTP Accounts" and create a new FTP account with the following username:

    cpuser1@domain2.tld

    With short-form authentication, there would be no way to distinguish "cpuser1" from "cpuser1@domain2.tld" if the behavior you used in the past were allowed.

    Thank you.
     
  7. Misiek

    Misiek Well-Known Member

    Joined:
    Feb 23, 2004
    Messages:
    104
    Likes Received:
    0
    Trophy Points:
    166
    Dear Support,
    I cannot access via FTP to any of mine accounts, clients are making the same statements.
    Main account is turned on :
    Polecenie: USER takecom
    Odpowiedź 331 User someuser OK. Password required
    Polecenie: PASS **********
    Odpowiedź 530 Login authentication failed

    This started today I really do not know what is happening.

    Seems like there is a bug from version 66 if You use host : mainhost.com instead of ftp.accounthost.com then You cannot login, but in al earlier version that worked so why the change now? Furtermore if client doesnt have a working domain there is now way for him to login to main account.
     
    #7 Misiek, Sep 5, 2017
    Last edited: Sep 5, 2017
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,371
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi @Misiek,

    Check to ensure the IP address or domain name used as the FTP host in the FTP client resolves to the IP address associated with the cPanel account that's authenticating. You can use the IP address itself as the FTP host if there's no working domain name. The below case corrected the past behavior in cPanel 66 so that authentication over the dedicated IP address is only possible for FTP accounts created under that dedicated IP address:

    Fixed case CPANEL-13096: Fix short-form authentication for PureFTPd and accounts w/ dedicated IP.

    Thank you.
     
Loading...

Share This Page