This article is from the Frequently Asked Questions for Linux, the Free/Open Source UNIX-like operating system kernel that runs on many modern computer systems. Maintained by David C. Merrill with numerous contributions by others. (v1.0).
A: This applies to server daemons that respond to clients, but don't allow logins. On new systems that have Pluggable Authentication Modules installed, look for a file named, "ftp," or "telnet," in the directory /etc/pam/ or /etc /pam.d/. If the corresponding authentication file doesn't exist, the instructions for configuring FTP and Telnet authentication and other PAM configuration, should be in /usr/doc/pam-&version&. Refer also to the answer for FTP server says: "421 service not available, remote server has closed connection.".
If it's an FTP server on an older system, make sure that the account exists in /etc/passwd, especially anonymous.
This type of problem may also be caused a failure to resolve the host addresses properly, especially if using Reverse Address Resolution Protocol (RARP). The simple answer to this is to list all relevant host names and IP addresses in the /etc/hosts files on each machine. ( Refer to the example / etc/hosts and /etc/resolv.conf files in Sendmail Pauses for Up to a Minute at Each Command. If the network has an internal DNS, make sure that each host can resolve network addresses using it.
If the host machine doesn't respond to FTP or Telnet clients at all, then the server daemon is not installed correctly, or at all. Refer to the manual pages: inetd and inetd.conf on older systems, or xinetd and xinetd.conf, as well as ftpd, and telnetd.