FTP, permissions help
I needed to allow a person access to my server via ftp to edit and change some webpages.
I created a user called rob and I made his home directory /var/www/html. The html directory is owned by root and all the web directories in the html directory are owned by apache. How can I get it so that user rob can log in via ftp and access everything in the /var/www/html? Any help on this would be greatly appreciated. This is the error I get when trying to log in. I'm guessing it's an issue with perms or directory ownership.
error loading directory... 425 Failed to establish connection. 421 Timeout. disconnected
|
First, which FTP server are you using?
Second, is there a reason you want him to have access to /var/www/html instead of his ~/public_html? Apache has a config file that will allow you to give each person their own directory for html. In the web browser, they would just type www.mysite.com/~rob/. For that matter, I suppose you could just create a symbolic link from /var/www/html/index.html to /home/rob/public_html/index.html... Then he could change his files whenever he wanted to and the symbolic link would allow www.mysite.com to actually point to rob's directory. (Note I haven't tried this before, but don't see why it wouldn't work...)
|
Got everything to work and it works fine while I have the server using the 20,21 ports.
However, I want my ftp to listen on a different port. When I make vsftpd listen on port 16000 I cannot connect. Here is the error I get:
500 Illegal PORT command.
Attemping PASV mode transfer...
PASV
227 Entering Passive Mode (209,89,7,231,110,127)
LIST
Connect socket #840 to 209.89.7.231, port 28287... timeout
Error loading directory... 425 Failed to establish connection.
|
FTP expects to use certain ports in ways other protocols do not. It looks like you're using passive mode FTP. Passive mode FTP uses a random port for data and (in your case) port 16000 for commands (normal is 21). In this case it looks like it picked port 28287 to receive the data stream connection from the client. If that port is blocked by a firewall, this won't work.
|
In order to allow passive mode traffic through the server's firewall, use the pasv_max_port and pasv_min_port options in vsftpd.conf. Then modify iptables to allow traffic on the port range you defined.
|
Awesome...thanks guys
|
I'm still having an issue with this. I did set the pasv_max_port=195 and pasv_min_port=200 and I opened these ports on my firewall. However, the client still tries to connect on a random port. I did restart the service as well.
|
I think min needs to be less than max. Above you said min=200 and max=195. Maybe putting them the other way around would help?
|
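The 227 reply quoted earlier in the thread can be decoded and compared with the pasv_min_port/pasv_max_port range discussed above. This is an added example, not code from any poster; the function names and the sample config text are constructed for illustration.

```python
import re

def parse_227(reply):
    """Decode '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' into (ip, port)."""
    m = re.search(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)", reply)
    if not reply.startswith("227") or not m:
        raise ValueError("not a 227 passive-mode reply")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field outside 0-255")
    # The data port is sent as two bytes: high byte first, then low byte.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def pasv_range(conf_text):
    """Read pasv_min_port / pasv_max_port from vsftpd.conf text (0 = not set)."""
    opts = {"pasv_min_port": 0, "pasv_max_port": 0}
    for line in conf_text.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key in opts:
            opts[key] = int(value)
    return opts["pasv_min_port"], opts["pasv_max_port"]

def check(reply, conf_text):
    """Return (ip, port, verdict) for one PASV reply against one config."""
    ip, port = parse_227(reply)
    lo, hi = pasv_range(conf_text)
    if lo == 0 and hi == 0:
        verdict = "unset"      # server may hand out any port
    elif hi != 0 and lo > hi:
        verdict = "inverted"   # min is larger than max
    elif lo <= port <= (hi or 65535):
        verdict = "in-range"   # firewall must allow lo..hi inbound
    else:
        verdict = "outside"    # the answering server did not use this range
    return ip, port, verdict

# Reply copied from the thread; config values are constructed samples.
REPLY = "227 Entering Passive Mode (209,89,7,231,110,127)"
AS_POSTED = "pasv_max_port=195\npasv_min_port=200\n"
SWAPPED = "pasv_min_port=195\npasv_max_port=200\n"

if __name__ == "__main__":
    for name, conf in (("as posted", AS_POSTED), ("swapped", SWAPPED)):
        print(name, check(REPLY, conf))
```

An "outside" verdict after a restart means the reply came from a server process that is not applying the range in the file that was checked.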
Yeah, that's what I actually had and it still won't connect. Client keeps going into pasv mode and then tries a random port.
|
Here are all the options I have set in my vsftpd.conf.
Code:
[root@petrel vsftpd]# grep -v "#" /etc/vsftpd/vsftpd.conf
Code:
[root@petrel xinetd.d]# cat /etc/xinetd.d/vsftpd
|