LinuxQuestions.org


gurumaster 03-03-2003 05:44 PM

vsftpd SETUP
 
Okay, I have been trying to setup vsftp for 2 days now and I am about to call it quits!

I made copies of all .conf files so I can restore them to original condition if necessary.

I am running a fresh copy of Red Hat 8, ran update agent and updated kernel and all packages.

I setup the firewall to allow access for FTP and HTTP. Port scanned to make sure the ports were open externally and they are active. HTTP setup and functioning.

I want to setup the FTP server and then worry about removing anonymous access.

Now as I understand it the ftp group and user must be setup (I think I did this correctly, think it was already on system upon install), for anon access.
User, nobody created by: useradd nobody, did this too.

Next, empty dir, /usr/share/empty/ created. Added /var/ftp/.

Then I added the following to xinetd.conf and commented out everything else:

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftp
nice = 10
}

Next, checked vsftpd.conf and changed nothing from initial state.

Then just for the heck of it I added the following to the hosts.allow, vsftpd:ALL:ALLOW

I restarted the xinetd service and attempted connection from another local system and ftp client "connected" but then hangs for a few seconds and then says it has been disconnected by the host.
Thought I would try to run vsftpd without xinetd, so added listen=YES to the end of vsftpd.conf started service through terminal. Now I didn't receive any confirmation that the service had started but I tried to connect with client anyway. Same thing as before.

I have tried many configurations and combinations over the past two days and with no success. I have only been using linux for three days so be gentle I am a newbie.

Thank you for any help!


P.S.
I have reviewed tons of docs and how-to's and tried to follow all of them as best I could, but nothing has done the trick yet.
Should I be using another FTP package?
------------------------------------------------------------------------------:newbie:

Crashed_Again 03-03-2003 05:55 PM

Quote:

Now as I understand it the ftp group and user must be setup (I think I did this correctly, think it was already on system upon install), for anon access.
User, nobody created by: useradd nobody, did this too.
What is user nobody's home directory? Is it possibly trying to dump you into a directory that you don't have permissions to?

Quote:

Then just for the heck of it I added the following to the hosts.allow, vsftpd:ALL:ALLOW
The syntax for /etc/hosts.allow should be:

vsftpd: ALL

Maybe you should post your vsftpd.conf file so we can take a look at it.

gurumaster 03-03-2003 10:08 PM

First of all, thank you for your assistance!

I corrected the syntax in the /etc/host.allow file and set the home directory for user nobody to /var/ftp/pub/example/
I then restarted and attempted connection again with no success, same problem as before.

As suggested I am including my vsftpd.conf file for review:

anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ftpd_banner=Welcome....Enjoy!
pam_service_name=vsftpd
# The next entry is only to test vsftpd without xinetd service, doesn't work
# either way
listen=YES


Also, I noticed that user ftpaccess was not listed as a user on my system. I added the account using 'useradd ftpaccess' and set the home directory to /home/ftpaccess, and created group ftpaccess as well.
Users ftp, ftpaccess and nobody are all set to /sbin/nologin. User ftp is set to have its home directory in /var/ftp/, and is in the ftp group.

Thank you again...VERY MUCH!!!

gurumaster 03-04-2003 09:26 AM

Okay, turns out that iptables was missing entry and now vsftpd works....well kind of.

Now I have a problem when connecting, I receive the response:

500 OOPS: str_getpwnam: ftpsecure
Fatal Error - It appears that this server doesn't understand a basic FTP command. ()
Attempting to reconnect - this may only be a temporary error

I changed the setting in /etc/xinetd.conf 'disable = no' to 'disable = yes'. I don't know if this actually did anything at all because I still receive the same error message upon connection attempt.

I appreciate the assistance, I am starting to get excited now that I am so close to having a working ftp server!

gurumaster 03-05-2003 01:32 AM

Worse News!
 
Great, I rebooted the system and now I seem to be back to exactly where I was at the beginning of the saga!

All of the .conf files are unchanged and the firewall seems to be allowing access to all the required ports, but now there is no response from the server except to disconnect any clients.

Any ideas about what the heck is wrong or resetting on reboot?

:confused:

Crashed_Again 03-05-2003 09:26 AM

Quote:

I changed the setting in /etc/xinetd.conf 'disable = no' to 'disable = yes'.
Why did you disable xinetd? I bet this is the source of all your problems.

gurumaster 03-05-2003 10:06 AM

Final Solution
 
OKAY, here is what I did to get vsftpd working since all else failed.

First, I reformatted and installed a fresh copy of Red Hat 8.0, during install I selected a server install, included ftp server package (among other packages), setup firewall for High security and customized to allow ftp (and other services) pass through.

Second, I updated the kernel using update agent (up2date).

Third, I updated all packages using up2date.

Fourth, I checked the users to ensure that 'nobody' and 'ftp' were created. They are already on the system.

Fifth, I checked to make sure that the ftp directory was in place (/var/ftp) Already on system and ready to go.

Sixth, checked /etc/vsftpd.conf to ensure that everything was set how I wanted it. Everything is cool to get things going.

Seventh, added 'ALL:ALL' to /etc/hosts.allow

Eighth, checked /etc/xinetd.conf to make sure it was starting vsftpd. xinetd.conf has an include for /etc/xinetd.d which contains the information in a file named 'vsftpd'. I changed /etc/xinetd.d/vsftpd so that the line that read 'disable = yes' now reads 'disable = no'.

Ninth, Opened Server Settings>>Services and Restarted the xinetd service.

Tenth, I port scanned from another system to make sure that the correct port was available (21). It was open.

Eleventh, Using the web browser I ftp'd into the local system using the IP address. Selected anonymous user when prompted and TA DA!!! vsftpd was up and working.

Twelfth, tested from another system to ensure the service is available externally. IT WORKS!!!


THANK YOU FOR THE HELP!!!

Good luck to anyone that needs to get vsftpd working, I hope this post helps.

:newbie: :D

Crashed_Again 03-05-2003 10:09 AM

Quote:

Seventh, added 'allow= ALL' to /etc/hosts.allow
Just a little FYI here. The correct syntax for /etc/hosts.allow is ALL:ALL not allow=ALL

x-fanity 05-03-2003 11:33 AM

I think you were missing a letter in your xinetd.conf file

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftp <<--- Doesn't that need a d behind it??
nice = 10
}

Greetz x-fanity

lil_drummaboy 05-03-2003 05:06 PM

I have made a HUGE mistake!!! I accidentally deleted the "ftp" user account. Is there a way to get it back? Because now my ftp won't work!

stephenk 05-04-2003 07:42 PM

Kind of working
 
Thanks, grubmaster... now my vsftpd is kind of working. I think I screwed up step 8, but anyway, it works now.
I am not trying to add users, but I am not sure how I should do it; would anyone mind telling me, please?

Also, I am not sure how to log in as root. What is the password supposed to be?

help is good

Felipe78 05-21-2003 11:26 AM

Also, I am not sure how to log in as root. What is the password supposed to be?

What you can do is take the root account out of /etc/vsftpd.ftpusers, but I recommend not doing that!!!!!!

This list is for users that are not allowed to ftp to your site.

pakkua80 07-02-2003 04:25 AM

FTP error
 
I got this error when I try to connect

:: 500 OOPS: str_getpwnam: ftpsecure

Can anyone help me on this ?

vsftpd.conf

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=whoever
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
nopriv_user=ftpsecure
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
ftpd_banner=welcome to TC ftp services.
#deny_email_enable=YES
#banned_email_file=/etc/vsftpd.banned_emails
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
#ls_recurse_enable=YES
pam_service_name=vsftpd
#userlist_enable=YES
#enable for standalone mode
#listen=YES
#tcp_wrappers=YES

/etc/xinetd.d/vsftpd

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
nice = 10
}

iptables

....
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT
...

netstat -ln

tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN

:Pengy:
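
Added example (not written by any poster in this thread): a Python pre-flight check for three failures the thread runs into, namely a vsftpd.conf option naming an account that does not exist (the `ftpsecure` in `500 OOPS: str_getpwnam: ftpsecure` is also the `nopriv_user` value above), an xinetd `server` path that does not exist (`/usr/sbin/vsftp`), and `listen=YES` left on while xinetd also starts the daemon. The function names and sample input are made up for illustration; the fallbacks used for unset options (`nopriv_user=nobody`, `ftp_username=ftp`, `anonymous_enable=YES`, `chown_username=root`) are assumed to match vsftpd's defaults.

```python
import os
import pwd

def parse_kv(text):
    """Parse 'key=value' / 'key = value' lines; skip comments, braces, headers."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        out[key.strip()] = value.strip()
    return out

def account_exists(name):
    try:
        pwd.getpwnam(name)
        return True
    except KeyError:
        return False

def audit(vsftpd_conf, xinetd_entry, user_ok=account_exists, file_ok=os.path.isfile):
    conf, xin = parse_kv(vsftpd_conf), parse_kv(xinetd_entry)
    findings = []
    # Accounts vsftpd resolves by name; the thread's str_getpwnam error named a missing one.
    accounts = {"nopriv_user": conf.get("nopriv_user", "nobody")}
    if conf.get("anonymous_enable", "YES").upper() == "YES":
        accounts["ftp_username"] = conf.get("ftp_username", "ftp")
    if conf.get("chown_uploads", "NO").upper() == "YES":
        accounts["chown_username"] = conf.get("chown_username", "root")
    for option, name in accounts.items():
        if not user_ok(name):
            findings.append(f"{option}={name}: no such account")
    enabled = xin.get("disable", "no").lower() == "no"
    server = xin.get("server", "")
    if enabled and not file_ok(server):
        findings.append(f"xinetd server {server}: file not found")
    if enabled and conf.get("listen", "NO").upper() == "YES":
        findings.append("listen=YES conflicts with an enabled xinetd entry")
    return findings

if __name__ == "__main__":
    # Constructed sample input, assembled from settings quoted in the thread.
    conf = "anonymous_enable=NO\nnopriv_user=ftpsecure\nlisten=YES\n"
    xin = "service ftp\n{\ndisable = no\nserver = /usr/sbin/vsftp\n}\n"
    for finding in audit(conf, xin):
        print(finding)
```
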

core 12-08-2003 08:25 AM

Well, I did not read every single line here, but some facts...

/etc/hosts.allow is not interesting here, because you don't use tcp_wrappers (tcpd) with your xinetd entry, so this entry is ignored.
Second - if you _would_ use tcpd in your xinetd config for vsftp, the syntax would be
ftp: ALL:ALLOW
This is because vsftpd will listen on the port assigned to 'ftp' in /etc/services.. and this is usually the line: ftp 21/tcp

pakkua80 12-09-2003 05:46 PM

Steps that I drew up for Red Hat Linux 9 to install vsftpd
 
Oh, do remember to install vsftpd in the first place (from CD).


Firstly, copy the vsftpd.conf file from /etc/vsftpd to /etc (done by default if installed from CD).

Then, check that the default configuration file is the same as below:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=whoever
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
ftpd_banner=welcome to TC ftp services.
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
pam_service_name=vsftpd
#nopriv_user=ftpgroup
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
#deny_email_enable=YES
#banned_email_file=/etc/vsftpd.banned_emails
#ls_recurse_enable=YES
#userlist_enable=YES
#enable for standalone mode
#listen=YES
#tcp_wrappers=YES

Thirdly, check whether the file vsftpd in folder /etc/xinetd.d exists. If not, create the file by typing

touch /etc/xinetd.d/vsftpd


then vi into the file and add the configuration inside

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
nice = 10
}

After creating the file, restart xinetd.d with the command

[root@SINDHCP01 /]#/etc/init.d/xinetd restart

After the restart, just try out ftp to localhost or from another station.

All users with default non-privileged status should be able to ftp to their own home directory.

For example, if you created the user: ftpuser

The user will be able to ftp and connect to /home/ftpuser

To disable a particular user from accessing the ftp, put the username into the file /etc/vsftpd.ftpusers

To create users, just use the GUI in X to create the user; if you are free, try out the useradd command.

