Also, is it cPanel by chance? Is cPHulk enabled? On Thu, Jan 19, 2012 at 1:06 PM, Andrew Harris wrote: > Hey Keith > > I'm afraid your language is just a bit ambiguous -- SFTP, as in FTP over > SSH, or FTP, as in ProFTPd or Pure-FTPd? > > If it's the former, then /var/log/secure will be the right place, but > it'll show up as sshd. Here's what a failed login looks like on my CentOS > VPS: > > Jan 19 13:04:04 sta sshd[12164]: pam_unix(sshd:auth): check pass; user > unknown > Jan 19 13:04:04 sta sshd[12164]: pam_unix(sshd:auth): authentication > failure; logname= uid=0 euid=0 tty=ssh ruser= rhost= > cpe-66-68-110-19.austin.res.rr.com > > If it's actual FTP, I believe that will be in /var/log/messages or > something, depending on how it's configured. > > On Thu, Jan 19, 2012 at 12:29 PM, keith smith wrote: > >> >> Hi, >> >> I've setup Iptables so only certain IP addresses can access our shell. >> It works well for the handful of us that access the shell. >> >> We also run SFTP. So the IP for anyone needing FTP must be in the IP >> tables as well. >> >> Today, I'm trying to configure someone remotely. I added their IP >> address to the IPTables and helped them configure their FTP Client. They >> are not able to connect. It is unclear to me if it is a client or server >> issue. So I am looking at the logs. >> >> I'm running CentOS 5.6 and looking in /var/log/secure . I see no entry >> for the failed access attempt. >> >> Is there another log I should be looking in? >> >> Thank you for your help! >> >> ------------------------ >> Keith Smith >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > >