LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-09-2013, 03:17 PM   #1
Knyaz
LQ Newbie
 
Registered: Dec 2013
Location: San Francisco bay area, California, US
Distribution: RedHat, CentOS
Posts: 5

Rep: Reputation: Disabled
Enable FTP and SFTP on the same server using vsftpd


Greetings!

A quick question. I ran in to a situation where I need to enable FTP connection for a particular user and at the same time all others are connecting using SFTP.

It's a centos 6.4 running vsftpd. Any ideas if this is at all possible and work around.
I will not be able to redo the whole configurations.

Thanks,
 
Old 12-09-2013, 04:32 PM   #2
YankeePride13
Member
 
Registered: Aug 2012
Distribution: Ubuntu 10.04, CentOS 6.3, Windows 7
Posts: 262

Rep: Reputation: 54
Why do any of your users need to be running FTP?
 
Old 12-09-2013, 04:43 PM   #3
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
vsftpd is NOT NOT NOT and SFTP server. SFTP is part of SSH, and will have nothing at all to do with any configuration in vsftpd.

Quote:
Originally Posted by YankeePride13 View Post
Why do any of your users need to be running FTP?
What a bizarre thing to ask. There's plenty of reasons to use FTP
 
Old 12-09-2013, 05:20 PM   #4
Knyaz
LQ Newbie
 
Registered: Dec 2013
Location: San Francisco bay area, California, US
Distribution: RedHat, CentOS
Posts: 5

Original Poster
Rep: Reputation: Disabled
@YankeePride13: Well the actual term would be that these are customers and you can expect anything and request coming in, hope you understand

@acid_kewpie: yes agree, but vsftpd is configured with ssh to accept / redirect all connection to use encryption,

Subsystem sftp internal-sftp

Match Group sftponly
PasswordAuthentication yes
ChrootDirectory /ftp/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Match

Any thoughts how I can allow a single user to connect using ftp, bypass this ssh config or run parallel vsftpd instances ??
 
Old 12-10-2013, 02:50 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
As we've already agreed, vsftpd is NOT and ssh / sftp service. vsftpd can't be "configured with ssh", they just happen to both be running on one system. Not sure why you're just asking the same thing again. If a user needs to use sftp instead of ftp, then they connect to a different service with a different protocol and a different daemon handles their request.
 
Old 12-10-2013, 03:01 AM   #6
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 664

Rep: Reputation: 80
But can be configured with ssl to use encryption.
if that is of any use, the config how_to is here.
 
Old 12-10-2013, 03:14 PM   #7
Knyaz
LQ Newbie
 
Registered: Dec 2013
Location: San Francisco bay area, California, US
Distribution: RedHat, CentOS
Posts: 5

Original Poster
Rep: Reputation: Disabled
@acid_kewpie: I may not be clear in asking the question, let me please rephrase it.

Here is the setup;
- CentOS 6.4
- vsftp running to use SSL (@SAbhi: I have used the same method to configure it)
- All users are connecting using sftp.

My question is: How can I allow a particular user to connect using ftp protocol and keep the same setup?
The result of this setup would be: Group "sftponly" connects using sftp protocol and group "ftponly" connects ftp protocol.

Any exception, or work around?

Best regards,
 
Old 12-10-2013, 03:20 PM   #8
schneidz
LQ Guru
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 5,026

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
is there any error you are getting ?

ssh (which scp and sftp run on top of) and ftp are not mutually exclusive.

for example i have ssh, httpd and xrdp running on my fedora server (if i wanted to i could enable other servers as well such as mysqld/smtpd/popd/... without affecting my already configured services as long as i forward the correct ports within the router).
Quote:
Originally Posted by acid_kewpie View Post
...
What a bizarre thing to ask. There's plenty of reasons to use FTP
ftp is pretty much sunset like telnet. at my job we have a bunch of legacy mainframes that are not modern enough to run ssh, so we enable the ftp server on them.

Last edited by schneidz; 12-10-2013 at 03:23 PM.
 
Old 12-10-2013, 05:05 PM   #9
Knyaz
LQ Newbie
 
Registered: Dec 2013
Location: San Francisco bay area, California, US
Distribution: RedHat, CentOS
Posts: 5

Original Poster
Rep: Reputation: Disabled
I'm using FileZilla for this purpose.
Using SFTP Protocol everything works just fine, but when I select ftp, it gives the following error

Response: 530 Non-anonymous sessions must use encryption.
Error: Could not connect to server
 
Old 12-10-2013, 07:57 PM   #10
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 664

Rep: Reputation: 80
Quote:
Originally Posted by Knyaz View Post
- All users are connecting using sftp.
Do no use the phrase sftp with ssl they both are different.

Quote:
Originally Posted by Knyaz View Post
My question is: How can I allow a particular user to connect using ftp protocol and keep the same setup?
The result of this setup would be: Group "sftponly" connects using sftp protocol and group "ftponly" connects ftp protocol.

Any exception, or work around?

Best regards,
This can be done by a parallel instance of vsftpd wihtout SSL. So that the users added to this one can connect with FTP without SSL. you may need to setup vsftp for virtual users.
 
1 members found this post helpful.
Old 12-11-2013, 02:55 AM   #11
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Quote:
Originally Posted by Knyaz View Post
I'm using FileZilla for this purpose.
Using SFTP Protocol everything works just fine, but when I select ftp, it gives the following error

Response: 530 Non-anonymous sessions must use encryption.
Error: Could not connect to server
That would be FTP with TLS/SSL, NOT SFTP.
 
Old 12-11-2013, 03:21 AM   #12
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,102

Rep: Reputation: 181Reputation: 181
check out this link to shed some light:

https://wiki.filezilla-project.org/F..._howto_(Server)
 
Old 12-11-2013, 03:53 PM   #13
Knyaz
LQ Newbie
 
Registered: Dec 2013
Location: San Francisco bay area, California, US
Distribution: RedHat, CentOS
Posts: 5

Original Poster
Rep: Reputation: Disabled
@SAbhi: Thank you, I think this is what I would do.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
VSFTPD FTP Server JJJCR Linux - Server 9 02-14-2013 01:46 AM
Truecrypt volume on ftp server inferior to sftp? Ulysses_ Linux - Security 6 02-25-2011 03:48 PM
FTP/SFTP write access denied on Ubuntu Server prudens Linux - Newbie 1 07-18-2009 11:50 AM
chrooted SFTP + FTP server TotalDefiance Linux - Server 4 12-08-2006 09:37 AM
Remote backup server: vsftpd/SSL or openssh/sftp or... ? krog Linux - Security 3 04-25-2006 12:50 AM


All times are GMT -5. The time now is 05:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration