vsftp problems logging in via external or internet ip
------------------------------------------------------

I have installed vsftpd on linux mint 18.3 64bit. I am attempting to setup an ftp server at home so that I can access my files from work.

Testing the ftp login with filezilla appears to work fine using my local ip e.g 192.168.1.12, (from an admin priv user on the same pc hosting the ftp server) and i see my home directory. There are no other ftp servers running on other pcs on my network. The filezilla output is as follows:

I log in as 'toad' with password

Status: Connecting to 192.168.1.12:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Retrieving directory listing...
Status: Directory listing of "/home/toad" successful

But my problem is that I can't log in using my internet ip e.g 101.98.xx.xx from the same pc. I receive a '530 Login incorrect' message in filezilla, even though the password and username are correct. This is the same for all accounts that i try to ftp in with. The filezilla output is as follows:

I log in again as 'toad' with password

Status: Connecting to 101.98.xx.xx:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Command: USER daniel
Response: 331 Password please.
Command: PASS ************
Response: 530 Login incorrect.
Error: Critical error: Could not connect to server

I have set vsftpd.conf to verbose ftp logging in an attempt to see what the 'real' reason for login rejection is in the /var/log/vsftpd.log.

/var/log/vsftpd.log recorded my 192.168.1.12 login ftp messages, but will not record any traffic if i try to log in using my internet ip 101.98.xx.etc.

My router management page tells me that 'Services Access Control' list port 21 for ftp is enabled for LAN and WAN.

My vsftpd.conf file is as follows (i've removed the #'d lines for clarity):

listen=YES
anonymous_enable=NO
local_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=NO
log_ftp_protocol=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=TOADS FTP SERVER.
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=ftp
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO


Your help would be greatly appreciated,

Regards,

Daniel
theoriginaltoad

Welcome to LinuxQuestions.

While this isn't a direct answer to your question it would be easier and more secure to access your home server using sftp instead of ftp.

You will need to start the ssh server as well as forward port 22 in your router to your computer's LAN IP address. You can still use filezilla to access your files with the same username and password except your using sftp instead of ftp.

Apart from using sftp/scp for security reasons as michaelk suggested, I see that while you said that you're trying to connect as user "toad", you're in fact using the "daniel" username.

Thank you Bathory, I have tried my toad user instead of daniel but still problems. But I have decided to move on to using sftp and ssh as suggested, I can use these locally on my network but again the same sort of problem. I will post my ssh -vvv output on another thread.

Thanks again