Quote:
|
I can use the dos prompt to log in and view files,
|
Sorry if I'm being thick, but do you mean the dos command line FTP client or something else? If I remember correctly, the DOS FTP client doesn't do passive mode, which may mean it can connect because it is using active mode and you still have a problem with passive mode.
Quote:
|
but not any sort of ftp server or windows explorer.
|
I'm going to be even thicker: Explorer handles FTP? Sorry, it has been a looooooong time since I used explorer for much of anything. I would also do some searching and see if Explorer does passive mode. Microsoft seems to have some weird problem with using passive mode as the default.
I guess the upshot is that make sure you're using a decent FTP client like
FileZilla and that you're using a client and not a server.
Now for a couple of things about the vsftpd.conf file:
Quote:
# Run standalone? vsftpd can run either from an inetd or as a standalone
# daemon started from an initscript.
listen=YES
|
You might want to double check your xinetd configuration. A lot of distros are configured to have FTP work through xinetd (or inetd in Slackware) and if you didn't disable the FTP portion of xinetd, it could be causing complications.
Quote:
# This option specifies the location of the RSA certificate to use for SSL
# encrypted connections.
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
|
You may want to temporarily disable this just to remove a variable from the equation. Once you've got FTP working right without encryption, then you can try it with encryption. By the way, this looks suspiciously like an example certificate. Have you really created a certification called ssl-cert-snakeoil.pem?
Quote:
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
|
I don't think this is only a yes/no option. If you say YES here, I think you also need chown_username to be set to an actual user on the system (NOT root!). I doubt this is part of the problem, but having incomplete options might be causing some confusion. Besides, you've already disabled anonymous logins, so having this active isn't doing anything.
The next couple things almost certainly aren't part of the connection problem, but you might want to think about the decision again:
Quote:
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=077
|
Quote:
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
|
If you're running this as a standalone server, I think you really want to use this option, otherwise if someone compromises vsftpd, they have root privileges.
I guess I just don't like having things uploaded as executable, particularly world executable.
