LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 11-14-2003, 08:55 PM   #1
gaelen
LQ Newbie
 
Registered: Nov 2003
Posts: 16

Rep: Reputation: 0
Question ahhh! ProFTP would'nt let me connect


emmm knid of two questions

I am trying to set up pro ftp to allow users to access the /var/www directory on my PC but alas it wouldnt even let the local machine connect. I have set it up edited hosts.allow and host.deny to allow remote machines to connect. each time I try it just says connection refused right out.

I am running mandrake 9.1

here is my proftp.conf file
//////////////////////////////////////////////////////////////////////////////////////////////////////////
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "servername"
ServerType inetd
DeferWelcome off

ShowSymlinks on
MultilineRFC2228 on
DefaultServer on
AllowOverwrite on

TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200

DisplayLogin welcome.msg
DisplayFirstChdir .message
LsDefaultOptions "-l"

DenyFilter \*.*/

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd off

# Port 21 is the standard FTP port.
Port 21

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# Normally, we want files to be overwriteable.
<Directory /*>
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022

AllowOverwrite on
</Directory>

# chroot for all users of the group ftpuser
DefaultRoot ~ ftpuser

# grant login only for members of the group
<Limit LOGIN>
DenyGroup !ftpuser
</Limit>

# disable root login and require a valid shell (from /etc/shells)
<Global>
RootLogin off
RequireValidShell on
</Global>

# increase
UseReverseDNS off

IdentLookups off

# Logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"

# activate logging

# every login
ExtendedLog /var/log/ftp_auth.log AUTH auth

# file/dir access
ExtendedLog /var/log/ftp_access.log WRITE,READ write

# forr paranoid (big logfiles!)
#ExtendedLog /var/log/ftp_paranoid.log ALL default
/////////////////////////////////////////////////////////////////////////////////////////////////////////

also mandrake has this nasty habit of rewriting the hosts.allow and setting it back to
ALL:ALL EXCEPT 127.0.0.1ENY
What is rewriting this file and how can i stop it.

Thanks gaelen
 
Old 11-15-2003, 12:50 AM   #2
idaho
Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: RedHat, Libranet
Posts: 438

Rep: Reputation: 30
It sounds like your "connection refused" message is occuring when you first login.

Is your proftpd daemon accepting connections directly, or are you using the super daemon inetd to handle connections? If you are using inetd (or xinetd), you need to make sure that inetd is configured to accept these connections for proftpd.

I have also had ftp connections fail when the user's shell (as defined in /etc/passwd) was not listed in /etc/shells.
 
Old 11-15-2003, 05:06 AM   #3
gaelen
LQ Newbie
 
Registered: Nov 2003
Posts: 16

Original Poster
Rep: Reputation: 0
Ok It just got a little bit more intresting. I checked my /ect/passwd and /ect/shells and the shell I am using is listed in there. I believe it handles the connections directly.

but I also did I tcpdump on port 21 and attempted a login from a remote andthe local machine and low and behold nothing showed up.

(boggled by this problem)
 
Old 11-15-2003, 05:08 AM   #4
gaelen
LQ Newbie
 
Registered: Nov 2003
Posts: 16

Original Poster
Rep: Reputation: 0
I would really spprecatite it if some one could tell me what is rewriting /ect/hosts.deny back to the default I have to always go in and comment out
ALL:ALL EXCEPT 127.0.0.1: DENY
as mandrake seams to like it being in there
(boggles again)
 
Old 11-15-2003, 09:54 PM   #5
idaho
Member
 
Registered: Aug 2003
Location: Portland, Oregon
Distribution: RedHat, Libranet
Posts: 438

Rep: Reputation: 30
You might have a cron job doing this. Your distro could well have set this up as a security measure. Places to start looking are to invoke "crontab -l" as root to see what cron jobs root has scheduled, and look in your /etc/ directory for something that is setting up regular cron jobs.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Proftp does not connect anacharya Linux - Networking 1 04-26-2005 12:17 AM
ahhh crap! OMEGA-DOOM Linux - Newbie 9 06-15-2004 02:28 PM
Ahhh...help with install of RH 7.3 sikgsr Linux - General 6 07-17-2002 09:13 PM
AHHH me modem... umpa Linux - Newbie 1 01-06-2002 10:26 PM
Out of Range... ahhh! Rocky Linux - General 2 10-21-2001 11:06 PM


All times are GMT -5. The time now is 05:54 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration