LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 08-16-2011, 05:10 PM   #1
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Rep: Reputation: 2
vsftpd setting


Hi,

i have already configure ftp server using vsftpd on centos with succes. just need some help how to setting my ftp server should be access using web page like http://ftp.domain.com with username and password. also i need create/add new user with own directory and with some level access etc read/write.
the user just can see their folder only not other directories in Centos system.


could someone have similar issues with me can help me?

thanks
 
Old 08-17-2011, 12:43 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,894

Rep: Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322
Hi,

Read this nice howto.
Use chroot_local_user and disable anonymous. You can then visit your server from a borwser using ftp and not http, like ftp://ftp.domain.com

Regards
 
Old 08-18-2011, 01:47 AM   #3
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
re-vsftpd

Hi,

i will test that

thanks a lot.

but i already have create virtual user using vsftpd but it can't connect


this is my config..

---------------

# Example config file /etc/vsftpd/vsftpd.conf
#
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# The target log file can be vsftpd_log_file or xferlog_file.
# This depends on setting xferlog_std_format parameter
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log
#xferlog_file=/var/log/xferlog
#
# Switches between logging into vsftpd_log_file and xferlog_file files.
# NO writes to vsftpd_log_file, YES to xferlog_file
xferlog_std_format=NO
#
log_ftp_protocol=YES
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Access Server -FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
banner_file=/etc/vsftpd/issue
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
chroot_local_user=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
##--HOME for user----- directory
guest_enable=YES
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf

--------------------

when try to connect the error message is "ftp: Can't connect to `10.1.2.35': Connection refused
ftp: Can't connect to `10.1.2.35' "


if anything i forgot
 
Old 08-18-2011, 02:30 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,894

Rep: Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322
Quote:
when try to connect the error message is "ftp: Can't connect to `10.1.2.35': Connection refused
ftp: Can't connect to `10.1.2.35' "
This means that vsftpd is not running. Try to start it
Code:
service vsftpd start
and see what happens. If it doesn't start check the logs under /var/log
 
Old 08-18-2011, 10:37 AM   #5
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
no problem with service....already running
 
Old 08-18-2011, 11:22 AM   #6
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,894

Rep: Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322
So, if it's running but you can't connect, there should be a firewall blocking access to port 21.
 
Old 08-18-2011, 07:54 PM   #7
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
no....using from internal also cannot.

problem occur after i modify config in vsftpd.conf and create database and also folder .


actually problem happen when i follow this link http://wiki.centos.org/HowTos/VirtualVsFtpd




please help
 
Old 08-18-2011, 08:17 PM   #8
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
re-vsftpd

Quote:
Originally Posted by bathory View Post
Hi,

Read this nice howto.
Use chroot_local_user and disable anonymous. You can then visit your server from a borwser using ftp and not http, like ftp://ftp.domain.com

Regards
now i can connect using above link but when i put the exactly password, my username cannot login


331 Please specify the password.
Password:
500 OOPS: could not open chroot() list file:/etc/vsftpd/chroot_list
ftp: Login failed
ftp>

this actually using for what?

# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
#chroot_local_user=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list


thanks

Last edited by alphatest; 08-18-2011 at 08:25 PM. Reason: problem detail
 
Old 08-18-2011, 08:44 PM   #9
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
ok now i problem for chroot_list solve but still cannot login either password is true



220-Use of this system constitutes consent to security monitoring and testing.
220-All activity is logged with your host name and IP address.
220-
220
331 Please specify the password.
Password:
500 OOPS: bad bool value in config file for: write_enable
ftp: Login failed

comment out for write_enable but still the same error popup


thanks
 
Old 08-18-2011, 09:06 PM   #10
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
just only one problem left is the last post....


and one more thing how to create user that could just see data on specific folder only and can download only. other user can upload and download data means can write/read and execute.

-let's said 3 user just can download and see folder/directories that contain only data for download and not other directories.

-3 other user can download and upload data and can see some folder/directories

-1 user can download/upload and see all the directories and can execute...



please help me on this to solve this problem.
 
Old 08-19-2011, 02:32 AM   #11
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,894

Rep: Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322
Quote:
500 OOPS: bad bool value in config file for: write_enable
Check vsftpd.conf and make sure you have
Code:
write_enable YES
Quote:
and one more thing how to create user that could just see data on specific folder only and can download only. other user can upload and download data means can write/read and execute.
You need to play with directories ownership/permissions. For example, create a group for the users you want write access (upload) and make those directories owned by that group
 
Old 08-19-2011, 09:25 AM   #12
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
Quote:
Originally Posted by bathory View Post
Check vsftpd.conf and make sure you have
Code:
write_enable YES

You need to play with directories ownership/permissions. For example, create a group for the users you want write access (upload) and make those directories owned by that group
can you show how to create like that or give one example, my ftp already running ok now just need find solution for access level.

one more thing when i enable anonymous user, when open browser it open the browser request for username and password not for anonymous ..i want can open both of them.

how to make anonymous can open through web and also with user authentication can open through web with upload and download.


thanks
 
Old 08-19-2011, 03:49 PM   #13
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,894

Rep: Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322
Quote:
can you show how to create like that or give one example, my ftp already running ok now just need find solution for access level.
You can have the following permissions/ownerships, so only the user myuser can write (upload), while users that belong to group ftpusers can only read/download files. Also anyone else can read/download too (e.g. the anonymous user). If you don't like that use 750 instead of 755.
Code:
chmod -R 755 /some/ftp/directory
chown -R myuser:ftpusers /some/ftp/directory
Quote:
one more thing when i enable anonymous user, when open browser it open the browser request for username and password not for anonymous ..i want can open both of them.
By default if you use a url like: ftp://x.x.x.x in your browser, it first tries to login as anonymous, so if you offer anonymous ftp it will connect to it as the anonymous user. If you want to login as a normal user you should use: ftp://user@x.x.x.x, in which case you'll be prompted for password.
Mind that with a browser you can only view and download files, you cannot upload, so it's better to use a ftp client.

Regards
 
1 members found this post helpful.
Old 08-20-2011, 11:10 AM   #14
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
vsftp

hi,


i got it now....


thanks for ta info...


very help
 
Old 08-21-2011, 11:22 AM   #15
alphatest
Member
 
Registered: Aug 2010
Location: KL
Distribution: Centos, ubuntu
Posts: 137

Original Poster
Rep: Reputation: 2
Hi,

can i upload file through web access ? example when i login using ftp://user@ftp.domain.com...

and what file can be download through web ...only the zip file..


thanks
 
  


Reply

Tags
vsftpd


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
CentOS 4 - Setting users for vsftpd vikram8jp Linux - Newbie 2 10-16-2008 02:15 AM
setting up users in VSFTPD true_atlantis Linux - Software 1 09-29-2004 02:28 PM
Setting Up Vsftpd zirconyl Linux - Software 0 09-13-2004 02:59 PM
Setting up vsftpd awing_pilot Linux - Networking 1 07-02-2003 10:39 PM
vsftpd - setting up users Korff Linux - Networking 7 05-31-2003 04:00 PM


All times are GMT -5. The time now is 01:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration