LinuxQuestions.org
07-27-2005, 07:35 PM   #1
Jessard
Member
 
Registered: Jun 2005
Location: Boston, USA
Distribution: Gentoo, CentOS
Posts: 82

Rep: Reputation: 16
vsftpd connection problem


I recently switched to a newer version of my distribution and so am using vsftpd instead of proftpd. The daemon runs fine and accepts connections from localhost:

Jessard:~$ ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
220 (vsFTPd 2.0.1)
Name (127.0.0.1:Jessard):

But, if I try to connect with my assigned address I get this:

Jessard:~$ ftp 192.168.0.46
Connected to 192.168.0.46 (192.168.0.46).
421 Service not available.
ftp>

I'm sure this is not a firewall or network problem, but I don't know what to check for; nothing in the config file seems to mention this sort of behavior. Any ideas?
 
07-28-2005, 12:47 AM   #2
rizhun
Member
 
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47
Have you checked your iptables to see if they are doing anything dodgy with your FTP port?
 
07-28-2005, 09:45 AM   #3
Jessard
Yep, and just to make sure I stopped iptables altogether for a minute, with no effect on the problem. Thanks for the idea, though. Is there anywhere that vsftpd lets you disallow remote connections or something?
 
07-28-2005, 02:17 PM   #4
rizhun
You seem like you know what you're talking about, so I presume you've got your /etc/hosts.allow file set up correctly?
You got other daemons running on your machine that let you connect to it remotely?
 
07-28-2005, 03:36 PM   #5
Jessard
Well, there it is. I figured I was fine with my hosts.allow since it makes no mention of the ftp, http, etc. servers and the others besides ftp work, but after adding "vsftpd:ALL" it works. Thanks! Do you know why this line is necessary with vsftpd but not with, say, httpd? Is it something that this server in particular chooses to enforce?
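
The symptom in this thread (127.0.0.1 accepted, the LAN address answered with 421 until a hosts.allow line was added) matches the tcp_wrappers order of evaluation: hosts.allow first, then hosts.deny, otherwise allow. The script below is an added example, not part of the original posts: a simplified evaluator for that order which also shows a LAN-only rule as a narrower alternative to "vsftpd:ALL". The function names wrap_match and wrap_check and both file contents are constructed (the thread never shows the real files), and only daemon names, ALL, exact IPs and trailing-dot prefixes are handled.

```shell
#!/bin/sh
# Simplified tcp_wrappers evaluation: hosts.allow is checked first, then
# hosts.deny, and a connection matching neither file is allowed.
# Supports only: daemon names, ALL, exact IPs, and prefixes ending in "."

# wrap_match FILE DAEMON CLIENT_IP -> exit 0 if any rule in FILE matches
wrap_match() {
    file=$1 daemon=$2 ip=$3
    [ -r "$file" ] || return 1
    while IFS=: read -r daemons clients _rest; do
        case $daemons in ''|'#'*) continue ;; esac
        d_ok=1
        for d in $(printf '%s' "$daemons" | tr ',' ' '); do
            if [ "$d" = ALL ] || [ "$d" = "$daemon" ]; then d_ok=0; fi
        done
        [ "$d_ok" -eq 0 ] || continue
        for c in $(printf '%s' "$clients" | tr ',' ' '); do
            case $c in
                ALL) return 0 ;;
                *.)  case $ip in "$c"*) return 0 ;; esac ;;
                *)   if [ "$c" = "$ip" ]; then return 0; fi ;;
            esac
        done
    done < "$file"
    return 1
}

# wrap_check ALLOW_FILE DENY_FILE DAEMON CLIENT_IP -> prints allow or deny
wrap_check() {
    if wrap_match "$1" "$3" "$4"; then echo allow
    elif wrap_match "$2" "$3" "$4"; then echo deny
    else echo allow
    fi
}

# Constructed sample files (assumed contents, not taken from the thread).
demo_dir=$(mktemp -d)
A=$demo_dir/hosts.allow D=$demo_dir/hosts.deny
printf 'ALL: 127.0.0.1\nsshd: ALL\n' > "$A"
printf 'ALL: ALL\n' > "$D"
wrap_check "$A" "$D" vsftpd 127.0.0.1      # loopback login is accepted
wrap_check "$A" "$D" vsftpd 192.168.0.46   # LAN address is refused

# Narrower than "vsftpd:ALL": admit only the 192.168.0.x LAN.
printf 'vsftpd: 192.168.0.\n' >> "$A"
wrap_check "$A" "$D" vsftpd 192.168.0.46   # now accepted
wrap_check "$A" "$D" vsftpd 203.0.113.9    # outside the LAN, still refused
```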
 
07-28-2005, 04:22 PM   #6
rizhun
Well, don't quote me on this, but I believe it is to do with security.

httpd is chroot'd to the directorie(s) listed in the httpd.conf, whereas vsftpd has the functionality to access anything, anywhere on the server (with the correct permissions of course).

Anyway, glad I could help
 
07-28-2005, 09:31 PM   #7
Jessard
Thanks, I think I see what you mean. I've been fiddling with the server now, trying to see how to lock it down a bit, and it's proving to be kind of tricky. Do you (or anybody) know of a way to keep a user from leaving a certain directory? For example, I have a user "upload" who I would like to be able to access "/upload," but not cd .. and have access to everything (This is within the context of the ftp server, not a shell or anything)
 
08-06-2005, 08:12 AM   #8
rizhun
Yeah, that's quite easy to do:

In your vsftpd.conf (by default I think it is /etc/vsftpd/vsftpd.conf) add the following lines:

Code:
chroot_local_user=YES
# chroot_list_enable must be YES for vsftpd to read chroot_list_file
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/vsftpd.chroot_list

Now you need to create the /etc/vsftpd/vsftpd.chroot_list file.
This is a list of users of the FTP server that can go ANYWHERE. Be careful with this, because any user listed in this file will be able to "cd" to wherever their permissions allow. Any users that are NOT in this file are "chroot'd" or "jail'd" to their home directories.

Now the easiest and most secure way to create a user that can only access "/upload" would be to create a Linux user called upload, set that user's home directory to "/upload" and make sure they ARE NOT in the /etc/vsftpd/vsftpd.chroot_list file.

This will allow the "upload" user to access any files/directories in the /upload directory.
Playing with this user's permissions will dictate if they are allowed to modify the files that are already contained in this directory.

Hope this helps, and sorry about the delay in the reply... been afk for a few days!
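
The way vsftpd combines these settings is easy to get backwards: the list file is only consulted when chroot_list_enable=YES, and with chroot_local_user=YES it then names the users who are NOT jailed. The script below is an added example, not part of the original post, that reads a vsftpd.conf and reports whether a given local user ends up jailed. The helper names conf_get and jail_state and the sample files are constructed, values are assumed to be written as upper-case YES/NO, and the script only reads files.

```shell
#!/bin/sh
# conf_get FILE OPTION DEFAULT -> value of OPTION in a vsftpd.conf-style file
# (option=value, no spaces around "="; lines starting with "#" are comments).
# If an option is repeated, the last setting is used.
conf_get() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    printf '%s\n' "${val:-$3}"
}

# jail_state CONF USER -> prints "jailed" or "free" for a local user
jail_state() {
    conf=$1 user=$2
    local_jail=$(conf_get "$conf" chroot_local_user NO)
    use_list=$(conf_get "$conf" chroot_list_enable NO)
    list=$(conf_get "$conf" chroot_list_file /etc/vsftpd.chroot_list)
    listed=NO
    if [ "$use_list" = YES ] && [ -r "$list" ] && grep -qxF -- "$user" "$list"; then
        listed=YES
    fi
    # When the list is enabled, it marks the exceptions to chroot_local_user.
    case "$local_jail:$listed" in
        YES:NO|NO:YES) echo jailed ;;
        *)             echo free ;;
    esac
}

# Constructed sample: jail everyone except the users in the list file.
demo=$(mktemp -d)
printf 'admin\n' > "$demo/chroot_list"
cat > "$demo/vsftpd.conf" <<EOF
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=$demo/chroot_list
EOF
jail_state "$demo/vsftpd.conf" upload   # not listed: confined to home directory
jail_state "$demo/vsftpd.conf" admin    # listed: exempt from the jail

# Same file without chroot_list_enable: the list is ignored, everyone is jailed.
grep -v '^chroot_list_enable=' "$demo/vsftpd.conf" > "$demo/nolist.conf"
jail_state "$demo/nolist.conf" admin
```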
 
08-06-2005, 08:18 PM   #9
Jessard
That's exactly what I needed, thanks!
Quote:
Originally posted by rizhun
Now the easiest and most secure way to create a user that can only access "/upload" would be to create a Linux user called upload, set that user's home directory to "/upload" and make sure they ARE NOT in the /etc/vsftpd/vsftpd.chroot_list file.
And that's exactly what I did. Thanks again, looks like everything's up and running the way I'd like, now
 
08-09-2005, 05:51 PM   #10
rizhun
That's cool.. glad I could help out mate!
Gimmie some props and hit the 'thanks' button :P
 
09-03-2005, 07:34 PM   #11
ycamera2mank
LQ Newbie
 
Registered: Sep 2005
Posts: 5

Rep: Reputation: 0
I have a question - I'm running vsftpd, and it's sort of working (I can log in - but I can't change things, like mkdir or anything) - and I had a question about that chroot stuff - I'm really new to this, so please pardon.

I'd just like to know, in the new file that I have to create in (it says) /etc/vsftpd/chroot_list - what exactly do I put? just the username that has full access?

What I want to do is, I have a site on the server, and I'd like to upload files just by logging in through smart ftp or cute ftp, et al. (and as another side note - I can only ftp the server through command prompt in windows or the terminal in linux - I can't use smartftp or cuteftp, I get an error that says the host machine's software has dropped the connection)

so I want it to automatically upload to /var/www/html/ (for apache 2) on a specific username, and then another username will upload in another part. what I had set up was that a specific user had its home directory in /home/[that username] - how can I change this?

also - I went into /etc/passwd and changed the username I'd like to have access to /var/www/html to that.

and also - when I try to restart vsftpd, it fails when it tries to shut it down

haha - sorry for all the questions.

someone reply please, thanks.

-Asim

Last edited by ycamera2mank; 09-03-2005 at 08:12 PM.
 