LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-03-2003, 05:44 PM   #1
gurumaster
LQ Newbie
 
Registered: Feb 2003
Distribution: Red Hat 8
Posts: 7

Rep: Reputation: 0
Question vsftpd SETUP


Okay, I have been trying to setup vsftp for 2 days now and I am about to call it quits!

I made copies of all .conf files so I can restore them to original condition if neccessary.

I am running a fresh copy of Red Hat 8, ran update agent and updated kernel and all packages.

I setup the firewall to allow access for FTP and HTTP. Port scanned to make sure the ports were open externally and they are active. HTTP setup and functioning.

I want to setup the FTP server and then worry about removing anonymous access.

Now as I understand it the ftp group and user must be setup (I think I did this correctly, think it was already on system upon install), for anon access.
User, nobody created by: useradd nobody, did this too.

Next, empty dir, /usr/share/empty/ created. Added /var/ftp/.

Then I added the following to xinetd.conf and commented out everything else:

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftp
nice = 10
}

Next, checked vsftpd.conf and changed nothing from initial state.

Then just for the heck of it I added the following to the hosts.allow, vsftpd:ALL:ALLOW

I restarted the xinetd service and attempted connection from another local system and ftp client "connected" but then hangs for a few seconds and then says it has been disconnected by the host.
Thought I would try to run vsftpd without xinetd, so added listen=YES to the end of vsftpd.conf started service through terminal. Now I didn't receive any confirmation that the service had started but I tried to connect with client anyway. Same thing as before.

I have tried many configurations and combinations over the past two days and with no success. I have only been using linux for three days so be gentle I am a newbie.

Thank you for any help!


P.S.
I have review tons of docs and how-to's and tried to follow all of them as best I could, but nothing has done the trick yet.
Should I be using another FTP package?
------------------------------------------------------------------------------

Last edited by gurumaster; 03-05-2003 at 01:33 AM.
 
Old 03-03-2003, 05:55 PM   #2
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
Quote:
Now as I understand it the ftp group and user must be setup (I think I did this correctly, think it was already on system upon install), for anon access.
User, nobody created by: useradd nobody, did this too.
What is user nobody's home directory? Is it possibly trying to dump you into a directory that you don't have permissions to?

Quote:
Then just for the heck of it I added the following to the hosts.allow, vsftpd:ALL:ALLOW
The syntax for /etc/hosts.allow should be:

vsftpd: ALL

Maybe you should post your vsftpd.conf file so we can take a look at it.
 
Old 03-03-2003, 10:08 PM   #3
gurumaster
LQ Newbie
 
Registered: Feb 2003
Distribution: Red Hat 8
Posts: 7

Original Poster
Rep: Reputation: 0
First of all, thank you for your assistance!

I corrected the syntax in the /etc/host.allow file and set the home directory for user nobody to /var/ftp/pub/example/
I then restarted and attempted connectiion again with no success, same problem as before.

As suggested I am including my vsftpd.conf file for review:

anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ftpd_banner=Welcome....Enjoy!
pam_service_name=vsftpd
# The next entry is only to test vsftpd without xinetd service, doesn't work
# either way
listen=YES


Also, I noticed that user ftpaccess was not listed as a user on my system. I added the account using 'useradd ftpaccess' and set the home directory to /home/ftpaccess, and created group ftpaccess as well.
Users, ftp, ftpaccess and nobody all are set to /sbin/nologin. User ftp is set to have it's home directory in /var/ftp/, and is in the ftp group.

Thank you again...VERY MUCH!!!
 
Old 03-04-2003, 09:26 AM   #4
gurumaster
LQ Newbie
 
Registered: Feb 2003
Distribution: Red Hat 8
Posts: 7

Original Poster
Rep: Reputation: 0
Okay, turns out that iptables was missing entry and now vsftpd works....well kind of.

Now I have a problem when connecting, I receive the response:

500 OOPS: str_getpwnam: ftpsecure
Fatal Error - It appears that this server doesn't understand a basic FTP command. ()
Attempting to reconnect - this may only be a temporary error

I changed the setting in /etc/xinetd.conf 'disable = no' to 'disable = yes'. I don't know if this actually did anything at all because I still receive the same error message upon connection attempt.

I appreciate the assistance, I am started to get excited now that I am so close to having a working ftp server!

Last edited by gurumaster; 03-04-2003 at 09:42 AM.
 
Old 03-05-2003, 01:32 AM   #5
gurumaster
LQ Newbie
 
Registered: Feb 2003
Distribution: Red Hat 8
Posts: 7

Original Poster
Rep: Reputation: 0
Unhappy Worse News!

Great, I rebooted the system and now I seem to back to exactly where I was in the begining of saga!

All of the .conf files are unchanged and the firewall seems to be allowing access to all the required ports, but now there is no response from the server except to disconnect any clients.

Any ideas about what the heck is wrong or reseting on reboot?

 
Old 03-05-2003, 09:26 AM   #6
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
Quote:
I changed the setting in /etc/xinetd.conf 'disable = no' to 'disable = yes'.
Why did you disable xinetd? I bet this is the source of all your problems.
 
Old 03-05-2003, 10:06 AM   #7
gurumaster
LQ Newbie
 
Registered: Feb 2003
Distribution: Red Hat 8
Posts: 7

Original Poster
Rep: Reputation: 0
Final Solution

OKAY, here is what I did to get vsftpd working since all else failed.

First, I reformatted and installed a fresh copy of Red Hat 8.0, during install I selected a server install, included ftp server package (among other packages), setup firewall for High security and customized to allow ftp (and other services) pass through.

Second, I updated the kernel using update agent (up2date).

Third, I updated all packages using up2date.

Fourth, I checked the users to ensure that 'nobody' and 'ftp' were created. They are already on the system.

Fifth, I checked to make sure that the ftp directory was in place (/var/ftp) Already on system and ready to go.

Sixth, checked /etc/vsftpd.conf to ensure that everything was set how I wanted it. Everything is cool to get things going.

Seventh, added 'ALL:ALL' to /etc/hosts.allow

Eighth, checked /etc/xinetd.conf to make sure it was starting vsftpd. xinetd.conf has an include for /etc/xinetd.d which contains the information in a file named 'vsftpd'. I changed /etc/xinetd.d/vsftpd so that the line that reads 'disable = yes' so that it now reads 'disable = no'

Ninth, Opened Server Settings>>Services and Restarted the xinetd service.

Tenth, I port scanned from another system to make sure that the correct port was available (21). It was open.

Eleventh, Using the web browser I ftp'd into the local system using the IP address. Selected anonymous user when prompted and TA DA!!! vsftpd was up and working.

Twelfth, tested from another system to ensure the service is available externally. IT WORKS!!!


THANK YOU FOR THE HELP!!!

Good luck to anyone that needs to get vsftpd working, I hope this post helps.


Last edited by gurumaster; 03-05-2003 at 10:16 AM.
 
Old 03-05-2003, 10:09 AM   #8
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
Quote:
Seventh, added 'allow= ALL' to /etc/hosts.allow
Just a little FYI here. The correct syntax for /etc/hosts.allow is ALL:ALL not allow=ALL
 
Old 05-03-2003, 11:33 AM   #9
x-fanity
LQ Newbie
 
Registered: May 2003
Posts: 1

Rep: Reputation: 0
I think you wer missing a letter in your xinetd.conf file

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftp <<--- Doesn't that need a d behind it??
nice = 10
}

Greetz x-fanity

Last edited by x-fanity; 05-03-2003 at 11:51 AM.
 
Old 05-03-2003, 05:06 PM   #10
lil_drummaboy
Member
 
Registered: May 2003
Location: Victoria, CANADA!
Distribution: OpenBSD, Slackware, Debian
Posts: 85

Rep: Reputation: 15
I have made a HUGE mistake!!! I accidentaly deleted the "ftp" user account is there a way to get it back cause now my ftp won't work!
 
Old 05-04-2003, 07:42 PM   #11
stephenk
LQ Newbie
 
Registered: May 2003
Posts: 13

Rep: Reputation: 0
Kind of working

thanks, grubmaster,...now my vsftpd is kind of working, i think i screw up step 8, but anyway, it works now
I am not trying to add users, but i am not sure how should i do it, would anyone mind to tell me please.

also, i am not sure how to login as a root, what shoudl the password suppose to be?

help is good
 
Old 05-21-2003, 11:26 AM   #12
Felipe78
LQ Newbie
 
Registered: May 2003
Location: Colombia
Distribution: RH9
Posts: 6

Rep: Reputation: 0
also, i am not sure how to login as a root, what shoudl the password suppose to be?

What u can do is to take the root account away from the /etc/vsftpd.ftpusers, but i recommend not do to do that!!!!!!

This list is for user that are not aload to ftp to your site.
 
Old 07-02-2003, 04:25 AM   #13
pakkua80
LQ Newbie
 
Registered: Jul 2003
Location: Malaysia
Distribution: RedHat Enterprise Server 3, Fedora Core 2
Posts: 5

Rep: Reputation: 0
FTP error

I got this error when try to connect

:: 500 OOPS: str_getpwnam: ftpsecure

Can anyone help me on this ?

vsftpd.conf

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=whoever
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
nopriv_user=ftpsecure
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
ftpd_banner=welcome to TC ftp services.
#deny_email_enable=YES
#banned_email_file=/etc/vsftpd.banned_emails
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
#ls_recurse_enable=YES
pam_service_name=vsftpd
#userlist_enable=YES
#enable for standalone mode
#listen=YES
#tcp_wrappers=YES

/etc/xinetd.d/vsftpd

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
nice = 10
}

iptables

....
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT.
...

netstat -ln

tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN

 
Old 12-08-2003, 08:25 AM   #14
core
Member
 
Registered: May 2003
Location: Berlin
Distribution: Slackware 9.1 Kernel: 2.6.4
Posts: 60

Rep: Reputation: 15
well. I did not read every single line here, but some facts..

/etc/hosts.allow is not interesting here, because you don't use tcp_wrappers (tcpd) with your xinetd entry. so this entry is ignored.
Second - if you _would_ use tcpd in your xinetd config for vsftp, the syntax would be
ftp: ALL:ALLOW
This is because vsftpd will listen on the port assigned to 'ftp' in /etc/services.. and this is usually the line: ftp 21/tcp
 
Old 12-09-2003, 05:46 PM   #15
pakkua80
LQ Newbie
 
Registered: Jul 2003
Location: Malaysia
Distribution: RedHat Enterprise Server 3, Fedora Core 2
Posts: 5

Rep: Reputation: 0
Steps that I drawn out for Red Hat Linux 9 to install vsftpd

Oh , do remember to install vsftpd in the first place. (from CD)


Firstly , Copy the vsftpd.conf file from /etc/vsftpd to /etc ( Default to do this if install from CD )

Than, Check the configuration file of the default is the same as below

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=whoever
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
ftpd_banner=welcome to TC ftp services.
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
pam_service_name=vsftpd
#nopriv_user=ftpgroup
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
#deny_email_enable=YES
#banned_email_file=/etc/vsftpd.banned_emails
#ls_recurse_enable=YES
#userlist_enable=YES
#enable for standalone mode
#listen=YES
#tcp_wrappers=YES

Thirdly, check whether the file vsftpd in folder /etc/xinetd.d exist. If not create the file by typing

touch /etc/xinetd.d/vsftpd


than vi into the file and add the configuration inside

service ftp
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
nice = 10
}

After created the file, restart xinetd.d with the command

[root@SINDHCP01 /]#/etc/init.d/xinetd restart

After restart,

Just try out ftp to localhost or from another station.

All user with default non privilege should be able to ftp to their own home directory.

Such as you created user : ftpuser

The user will be able to ftp and connect to /home/ftpuser

To disable a particular user from accessing the ftp,
Put the username in to the file /etc/vsftpd.ftpusers

To create users, just use the GUI in X to create the user, if you are free try out the useradd command.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd setup davidhk Fedora 1 08-06-2005 05:13 AM
VSFTPD Setup carlosinfl Linux - Networking 3 07-22-2005 06:53 AM
vsftpd setup problems pfunk Linux - Networking 4 12-03-2004 08:47 PM
vsftpd setup help t3___ Linux - Software 1 11-24-2003 06:15 PM
vsftpd...setup...!!!1 maseby Red Hat 1 10-28-2003 10:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration