LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-12-2004, 07:04 AM   #16
superbaguss
LQ Newbie
 
Registered: Jan 2004
Posts: 4

Rep: Reputation: 0
still not working for me :-(


hi,
i got a problem which i canīt resolve.
running vsftpd -1.2.0 on a mandrake 9.2, newly installed two days ago.
followed all the above, and still got some problems. an other testsystem is a redhat 9, working fine for me.
both are the same installations, one by urpmi vsftpd (mandrake) and one installed from source.
so, when i try to connect to my mandrake -troublemaker, i can login, but canīt do a ls command. (working fine in redhat)
when i try to login and ls locally, it works fine. might it be a firewall problem?


client (ftp mydns.no-ip.com) says:

--snip--
331 Please specify the password.
Password:
230 Login successful. Have fun.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (82,82,97,252,214,72)
ftp: connect: Connection timed out
--snap--


and with ncftp mydns.no-ip.com:

--snip--
(vsFTPd 1.2.0)
Logging in...
Login successful. Have fun.
Sorry, I don't have help.
Logged in to flurman.no-ip.com.
ncftp / > ls
Data connection timed out.
Falling back to PORT instead of PASV mode.
List failed.
--snap--


nmap -sT mydns.no-ip.com tells me:

--snip--
(The 1593 ports scanned but not shown below are in state: filtered)
Port State Service
20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
80/tcp open http
113/tcp closed auth
135/tcp closed loc-srv
139/tcp closed netbios-ssn
445/tcp closed microsoft-ds
--snap--

i am using shorewall with opened port 20,21., like that:
(etc/shorewall/rules)
--snip--
ACCEPT net fw tcp ftp-data,21,22,80
--snap--

can someone tell me whats up with my mandrake box?

thanks in advance
malte

Last edited by superbaguss; 01-12-2004 at 07:27 AM.
 
Old 01-14-2004, 03:47 AM   #17
Felipe78
LQ Newbie
 
Registered: May 2003
Location: Colombia
Distribution: RH9
Posts: 6

Rep: Reputation: 0
Re: still not working for me :-(

Quote:
Originally posted by superbaguss
hi,
i got a problem which i canīt resolve.
running vsftpd -1.2.0 on a mandrake 9.2, newly installed two days ago.



i am using shorewall with opened port 20,21., like that:
(etc/shorewall/rules)
--snip--
ACCEPT net fw tcp ftp-data,21,22,80
--snap--

thanks in advance
malte
Try this.....

Here are my config files for anyone else that might be having the same question......

1. part

/etc/vsftpd/vsftpd.conf

# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are very paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
#
# Allow anonymous FTP?
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command "SIZE /big/file" in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
ftpd_banner=This config file is in /etc/vsftpd !!
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
chroot_local_user=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES

pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
#enable for standalone mode
listen=YES
tcp_wrappers=YES



/etc/vsftp.user_list

# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers
# for users that are denied.
ftpuser1


/etc/vsftpd.ftpusers

# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

/etc/vsftpd.chroot_list

# Who do we not want to chroot() ?
# No-one!

.................................................................................................... ...................
2. part

Firewall!!

4 the fw, try Iptables---- > the source 4 opening ftp is:


/sbin/iptables -A INPUT -p tcp --dport 21 -j ACCEPT

Hope it will work out 4 you......
 
Old 01-14-2004, 05:55 AM   #18
superbaguss
LQ Newbie
 
Registered: Jan 2004
Posts: 4

Rep: Reputation: 0
whereīs the differnece?

hi,
thanks for replying,
checked that, helped nothing.
which os are u running?

can you please explain me the difference between your iptables- and my shorewall-rule?

hereīs my (obvious simple) vsftpd.conf (removed commented-out lines for clarity):

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
async_abor_enable=YES
ls_recurse_enable=YES
pam_service_name=vsftpd
 
Old 06-16-2004, 10:36 PM   #19
Doomhammer
Member
 
Registered: Oct 2003
Location: Montreal Qc, Canada
Posts: 105

Rep: Reputation: 15
i tried to make vsftpd work but with the steps desciprd her..
when i ftp my server from my workstation, it seems to work but, a blank page is diaplayed with the
Index of ftp://192.168.0.3/
html link -> Up to higher level directory

Its strange, because my /var/ftp/ directory contains a stuff subdir. Nothing shows on the page..

When i try to log in a shell, i have the following error messsages :
[root@dhcppc2 stuff]# ftp localhost
Connected to localhost.localdomain.
220 dhcppc2 FTP server (Version 5.60) ready.
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: Miscellaneous failure
GSSAPI error minor: No credentials cache found
GSSAPI error: initializing context
GSSAPI authentication failed
334 Using authentication type KERBEROS_V4; ADAT must follow
KERBEROS_V4 accepted as authentication type
Kerberos V4 krb_mk_req failed: You have no tickets cached
Name (localhost:root): root
530 Must perform authentication before identifying USER.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Last edited by Doomhammer; 06-16-2004 at 10:38 PM.
 
Old 06-23-2004, 03:45 PM   #20
dotc
LQ Newbie
 
Registered: May 2004
Location: Dallas
Posts: 14

Rep: Reputation: 0
hi:
Does anyone know how to set the user permissions for vsftp . I am trying to create a super user who is able to access all the files of other users. Is there anyway i can do this. Please let me know
Chethan Channnappa
Research Assistant
University of Texas at Dallas
 
Old 01-21-2009, 12:54 AM   #21
roy-arne
LQ Newbie
 
Registered: Sep 2008
Posts: 26

Rep: Reputation: 15
Quote:
Originally Posted by dotc View Post
hi:
Does anyone know how to set the user permissions for vsftp . I am trying to create a super user who is able to access all the files of other users. Is there anyway i can do this. Please let me know
Chethan Channnappa
Research Assistant
University of Texas at Dallas
I'm also verry interessted in how we can create a superuser that have access to all directories.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd setup davidhk Fedora 1 08-06-2005 05:13 AM
VSFTPD Setup carlosinfl Linux - Networking 3 07-22-2005 06:53 AM
vsftpd setup problems pfunk Linux - Networking 4 12-03-2004 08:47 PM
vsftpd setup help t3___ Linux - Software 1 11-24-2003 06:15 PM
vsftpd...setup...!!!1 maseby Red Hat 1 10-28-2003 10:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration