From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.8) Gecko/20020301 Description of problem: I tried setting userlist_deny=NO to have all users denied access to the vsFTPd service except those listed in the /etc/vsftpd.user_list file. Although the ftp login allowed me to enter only the user names from that list, all login attempts failed to recognize valid passwords. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.Open /etc/vsftpd.conf. 2.Set userlist_deny=NO 3.Restart daemon (/etc/init.d/vsftpd restart) 4. Try to ftp to server as any user in /etc/vsftpd.user_list. Actual Results: All login attempts fail. Attempts to login as users not in the /etc/vsftpd.user_list file don't even get a chance to enter a password. Expected Results: Valid user accounts in /etc/vsftpd.user_list should have been allowed to login to the server. Additional info: I added a regular user name to the /etc/vsftpd.user_list, just to make sure that something else wasn't just blocking root and other admin passwords. Same result. I also tried setting userlist_enable=NO to see if that helped (it's set to YES in vsftpd.conf). The users listed in /etc/vsftpd.user_list still had their passwords rejected. However, anonymous and real users were allowed in again.
Oops. Fixed in vsftpd-1.0.1-5.