LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-03-2004, 03:28 PM   #1
wheatstraw
LQ Newbie
 
Registered: May 2004
Location: Florida
Distribution: Gentoo, Debian
Posts: 7

Rep: Reputation: 0
Question Apache ssh dreamweaver vsftpd question


I am having trouble setting up my web server.

I host websites for a few people. What I want to do is to have them connect to my server with Dreamweaver MX using the ssh option to upload changes to their sites.

My server is Apache 1.3.26 on a Debian woody. I am running vsftpd_1.0.0-2 and sshd. Each site is a virtual machine in httpd.conf.

I have set up /home/$USER/public_html/$SITENAME directories for the sites and have done: chown -R $USERNAME.www-data /home/$USER/public_html so that apache will be able to serve up the pages.

I have a virtual XP machine set up for test purposes (vmware), running Dreamweaver MX. I can edit the site and connect from Dreamweaver MX as regular ftp. I am able to delete and upload files and all is good.

When I enable the "Use SSH encrypted secure login", puTTy opens a shell and I can log in to the server. I minimize the shell window and click OK in Dreamweaver's "Waiting for ssh login" window. I watch Dreamweaver's ftp log while this is happening and I seem to connect:
<Dreamweaverlog>

Using port 2000
220 ready, dude (vsFTPd 1.0.0: beat me, break me)
USER $USER
331 Please specify the password.
PASS
230 Login successful. Have fun.
SYST
215 UNIX Type: L8
PWD
257 "/home/$USER"
CWD /home/$USER/public_html/$USERWEBSITE
250 Directory successfully changed.
CWD /home/$USER/public_html/$USERWEBSITE/_notes
550 Failed to change directory.
CWD /home/$USER
250 Directory successfully changed.
MKD public_html/$USERWEBSITE/XYIZNWSK
257 "/home/$USER/public_html/$USERWEBSITE/XYIZNWSK" created
CWD /home/$USER/public_html/$USERWEBSITE
250 Directory successfully changed.
PWD
257 "/home/$USER/public_html/$USERWEBSITE"
TYPE A
200 ASCII tastes bad, dude.
PASV
227 Entering Passive Mode (4,14,222,74,53,134)
LIST
425 Security: Bad IP connecting.
CWD /home/$USER
250 Directory successfully changed.
RMD public_html/$USERWEBSITE/XYIZNWSK
250 Remove directory operation successful.
CWD /home/$USER/public_html/$USERWEBSITE
250 Directory successfully changed.
PWD
257 "/home/$USER/public_html/$USERWEBSITE"

</Dreamweaverlog>

I then get an error: "Dreamweaver cannot determine the remote server time. The Select Newer and Synchronize commands will not be available."

I click OK and I cannot view any files on the remote server and cannot upload any files.

I have tried connecting to the server with puTTy by itself, and I have regular user permissions. I am able to delete and create files in my $USERWEBSITE directory. As I said, it also works without the ssh option.

Is there something I have to edit in sshd_config to allow an ftp tunnel?

Dreamweaver does the port forward settings properly via putty. I am also manually able to forward a vnc connection to a machine behind the server via puTTy.

Thanks in advance for any advise offered.
 
Old 06-03-2005, 11:28 AM   #2
codestrom
LQ Newbie
 
Registered: Dec 2004
Posts: 4

Rep: Reputation: 0
Dreamweaver vsftpd epsv pasv and sorta workaround

Okej..

Intead of opening a new thread I'm going to clarify some of my experience and try to give help where I can.

#1 Your setup may be just fine.. I have a similar setup... I'm running Linux with Codega and Dreamweaver on top. (I'm used to it and don't really care for NVU, Eclipse or any of the other choices for a RAD IDE/ WYSIWYG.)

Dreamweaver MX is unfortunately the lastest version support by Codega atm.. This means sftp isn't an option. Only regular FTP tunneled through SSH.. (IE a similar situation to what you have above.)

From what I say while tailing the ftp logs from vsftpd..

At a termnial the defautl linux ftp client works fine for me, but I have to forward two ports over SSH.. vsftp will allow you to narrow the range of "PASV" ports. So I narrowed it to one and forwarded that as well.

sudo ssh -C -L 3333:xxx.xxx.xxx.xxx:21 -L 20000:xxx.xxx.xxx.xxx:20000 root@xxx.xxx.xxx.xxx

connect with your fav ftp client like ftp localhost 3333

From the Linux ftp client I see it's using "EPSV" and pulls down the directory.. I can read and write files with no problems.
of "EPSV"
Jun 3 10:39:43 eclipse vsftpd: Fri Jun 3 10:39:43 2005 [pid 13330] [codestrom] FTP response: Client "xxx.xxx.xxx.xxx", "229 Entering Extended Passive Mode (|||20000|)"

With Dreamweaver on the other hand it's using "PASV" and fails.. I'm going to tail a tcpdump when I have more time later, but if anyone has any suggestions it's appreciated.

Also.. I'm not sure the following setup should be used unless you have tight control over the SSH access as narrowing the port range is a typically a bad idea..

Google "ftp attacks" if you don't believe me..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Dreamweaver MX, MySql, apache and PHP ...? shahg_shahg Linux - Software 1 07-23-2005 04:50 AM
Dreamweaver MX, MySql, apache and PHP ...? shahg_shahg Linux - Software 1 07-23-2005 04:49 AM
Dreamweaver, PHP, MySQL, and Apache Web server bentman78 Linux - Software 18 02-06-2005 05:09 AM
Dreamweaver and Apache, PHP and MySQL WiWa Linux - Newbie 3 09-16-2003 12:05 PM
apache, process owner, and rsync/ssh question Kruel Linux - Networking 0 03-01-2002 12:25 PM


All times are GMT -5. The time now is 12:15 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration