This article is from the Frequently Asked Questions for Linux, the Free/Open Source UNIX-like operating system kernel that runs on many modern computer systems. Maintained by David C. Merrill with numerous contributions by others. (v1.0).
A: If an FTP server won't allow logins, it is probably configured correctly, but the problem is probably with authorizing users at login. FTP servers in current distributions often authorize users with the Pluggable Authentication Modules library, in which case there should be an authorization file /etc/ pam.d/ftp. A generic authorization file looks like this. (The line break on the first "auth" line is for readability. The entry is actually a single, long line).
#%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required /lib/security/pam_pwdb.so shadow nullok auth required /lib/security/pam_shells.so account required /lib/security/pam_pwdb.so session required /lib/security/pam_pwdb.so
Also, make sure the /etc/ftpusers file, or whatever users file is named in the first "auth" line, is configured correctly.
Btw, the sample ftp file above is actually the ftpd/ftp.pam.sample file from the ftpd-BSD-0.3.1.tar.gz package. Many thanks to David A. Madore for this much needed port.