Old 09-22-2009, 07:38 PM   #1
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Rep: Reputation: 32
problem with sftp/ftp


I can sftp to my system and ftp to it and I can do a get from the system once I log in.

However I cannot do a put to the system.

I get "requested action not permitted" from ftp, and from sftp using FileZilla I get a critical error.

Anyone have any idea?

Could it be an SELinux or a firewall issue?

Also what is the easiest way to disallow ftp and only allow sftp?

Last edited by unix1adm; 09-23-2009 at 12:48 PM.
 
Old 09-22-2009, 07:41 PM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,359

Rep: Reputation: 2751
Check the ftp server config.
If you have the same prob with sftp, it sounds like either user permissions, i.e. 'w' is not set for the incoming id to write to the tgt dir, or the partition is mounted ro (read-only).

Please add your distro & version to your profile.
 
Old 09-22-2009, 07:58 PM   #3
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by chrism01 View Post
Check the ftp server config.
If you have the same prob with sftp, it sounds like either user permissions, i.e. 'w' is not set for the incoming id to write to the tgt dir, or the partition is mounted ro (read-only).

Please add your distro & version to your profile.
Sorry, this is RH 5.
I checked /etc/vsftpd/vsftpd.conf. Is that the file you are talking about?

I have this enabled...

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES

# Uncomment this to enable any form of FTP write command.
write_enable=YES

Last edited by unix1adm; 09-22-2009 at 07:59 PM.
 
Old 09-22-2009, 08:02 PM   #4
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
Here is the output from mount...

/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/cciss/c0d0p1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
none on /var/lib/xenstored type tmpfs (rw)



I did find that 1 user can ftp and upload from one specific IP. If we try any other users from other networks, they cannot do a put.

I am thinking something got locked down to that IP range. Not sure how...
 
Old 09-23-2009, 11:56 AM   #5
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
I am still at a loss as to why only 1 user's machine can do a put. They can use any id on their system and do a put, but when we try from a different IP segment we can only do gets and no puts.

Hope this makes it clearer.
 
Old 09-23-2009, 07:21 PM   #6
DrLove73
Senior Member
 
Registered: Sep 2009
Location: Srbobran, Serbia
Distribution: CentOS 5.5 i386 & x86_64
Posts: 1,118
Blog Entries: 1

Rep: Reputation: 129
You must have user permissions set on the files/directories themselves forbidding users that log on to the system to write. FTP and SFTP are 2 different things. FTP is a regular FTP server, and you are setting file permissions per user, per group, aliased users, etc.

SFTP is actually when you connect via SSH tunnel and you do not need an FTP server for it, only SSH access to the system. SFTP is slower than FTP since the connection is encrypted. If you cannot write (put) via SFTP as well, that means that the user you are using has no writing rights for that folder/files. Maybe you created those folders/files with the root account and never set chmod on them?

Last edited by DrLove73; 09-23-2009 at 07:23 PM.
 
Old 09-24-2009, 06:37 AM   #7
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by DrLove73 View Post
You must have user permissions set on the files/directories themselves forbidding users that log on to the system to write. FTP and SFTP are 2 different things. FTP is a regular FTP server, and you are setting file permissions per user, per group, aliased users, etc.

SFTP is actually when you connect via SSH tunnel and you do not need an FTP server for it, only SSH access to the system. SFTP is slower than FTP since the connection is encrypted. If you cannot write (put) via SFTP as well, that means that the user you are using has no writing rights for that folder/files. Maybe you created those folders/files with the root account and never set chmod on them?

I thought about that too but I am sftp/ftp into my home dir. As stated above the users CAN ftp/sftp from this one machine. Just not from any other systems on any other networks.

So this rules out directory permissions. I am the owner of the dir and it will work from only 1 system.

I am going to try and turn off selinux and see if that helps any.

Thank you for the ideas.
 
Old 09-24-2009, 07:22 AM   #8
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
I checked SELinux and it is in permissive mode, so that is not it.
Was hoping for that silver bullet...
 
Old 09-24-2009, 07:50 AM   #9
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
So I tried something just to see if it worked.

I logged into my system as my ID. Then I ftp back to my system and logged in with my ID in the ftp session.

I was able to do a put and a get that way fine.


Edited for security reasons...

The authenticity of host 'myhost.com (124.123.123.123)' can't be established.
RSA key fingerprint is eb:cf:cf:bf:19:08:1d:ax:ee:b3:c9:71:ed:e2:74:69.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added 'myhost.com,124.123.123.123' (RSA) to the list of known hosts.
me@myhost.com's password:
sftp> ls
jgdata.php junk
sftp> get junk
Fetching /home/me/junk to junk
sftp> put junk
Uploading junk to /home/me/junk
junk 100% 0 0.0KB/s 00:00
sftp> put junk junk2
Uploading junk to /home/me/junk2
junk 100% 0 0.0KB/s 00:00
sftp> ls
jgdata.php junk junk2

Last edited by unix1adm; 09-24-2009 at 07:52 AM.
 
Old 09-24-2009, 08:00 AM   #10
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
OK, I just tried a straight psftp session, no GUI, and I was able to put a file fine.

So the ID will work. What could I be missing with FileZilla and a DOS ftp?
 
Old 09-24-2009, 08:19 AM   #11
DrLove73
Senior Member
 
Registered: Sep 2009
Location: Srbobran, Serbia
Distribution: CentOS 5.5 i386 & x86_64
Posts: 1,118
Blog Entries: 1

Rep: Reputation: 129
You are giving username and password to those programs? Maybe they avoid it and access the server as anonymous? Just a thought. Check the FTP log to see what user connects, and check the FTP config to see what rights are given to those users.

Also, you are not clear.

Q1: Do you understand that SFTP and FTP HAVE NOTHING IN COMMON for your purposes? You can SFTP to any Linux box WITHOUT an installed FTP server of any kind.

A1:?

Q2: Have you succeeded to FTP (NOT SFTP) with your account and upload (put) files to your home folder?

A2:?

Q3: If Q2 is positive, do other users have same privileges set in FTP server config?

A3:?
 
Old 09-24-2009, 12:25 PM   #12
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by DrLove73 View Post
You are giving username and password to those programs? Maybe they avoid it and access the server as anonymous? Just a thought. Check the FTP log to see what user connects, and check the FTP config to see what rights are given to those users.

Also, you are not clear.

Yes the passwd is entered and I can see the directories on the remote system.

Q1: Do you understand that SFTP and FTP HAVE NOTHING IN COMMON for your purposes? You can SFTP to any Linux box WITHOUT an installed FTP server of any kind.

A1: Yes, I understand sftp and ftp are not the same.

Q2: Have you succeeded to FTP (NOT SFTP) with your account and upload (put) files to your home folder?

A2: No, ftp will not work either. Only psftp.exe from Windows will work at this time. No GUI or DOS programs will work.

Q3: If Q2 is positive, do other users have same privileges set in FTP server config?

A3:?
See above...
 
Old 09-24-2009, 01:40 PM   #13
unix1adm
Member
 
Registered: Oct 2008
Posts: 688

Original Poster
Rep: Reputation: 32
This is what I get when I turn on debugging in FileZilla.

Command: PASS ********
Response: 230 Login successful.
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Features:
Response: EPRT
Response: EPSV
Response: MDTM
Response: PASV
Response: REST STREAM
Response: SIZE
Response: TVFS
Response: 211 End
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/home/me"
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PASV
Response: 227 Entering Passive Mode (76,144,89,145,34)
Command: LIST
Response: 150 Here comes the directory listing.
Response: 226 Directory send OK.
Status: Calculating timezone offset of server...
Command: MDTM jgdata.php
Response: 213 20090923002720
Status: Timezone offsets: Server: 0 seconds. Local: -14400 seconds. Difference: -14400 seconds.
Status: Directory listing successful
14:32:35 Status: Resolving address of www.myserver.com
14:32:35 Status: Connecting to 76.144.89.145:21...
14:32:35 Status: Connection established, waiting for welcome message...
14:32:35 Trace: CFtpControlSocket::OnReceive()
14:32:35 Response: 220 (vsFTPd 2.0.5)
14:32:35 Trace: CFtpControlSocket::SendNextCommand()
14:32:35 Command: USER me
14:32:35 Trace: CFtpControlSocket::OnReceive()
14:32:35 Response: 331 Please specify the password.
14:32:35 Trace: CFtpControlSocket::SendNextCommand()
14:32:35 Command: PASS ********
14:32:55 Trace: CFtpControlSocket::OnReceive()
14:32:55 Response: 230 Login successful.
14:32:55 Status: Connected
14:32:55 Trace: CFtpControlSocket::ResetOperation(0)
14:32:55 Trace: CControlSocket::ResetOperation(0)
14:32:55 Trace: CFileZillaEnginePrivate::ResetOperation(0)
14:32:55 Trace: CFtpControlSocket::FileTransfer()
14:32:55 Status: Starting upload of C:\Documents and Settings\Desktop\tmp\junk4
14:32:55 Trace: CFtpControlSocket::SendNextCommand()
14:32:55 Trace: CFtpControlSocket::ChangeDirSend()
14:32:55 Command: CWD /home/me
14:32:55 Trace: CFtpControlSocket::OnReceive()
14:32:55 Response: 250 Directory successfully changed.
14:32:55 Trace: CFtpControlSocket::SendNextCommand()
14:32:55 Trace: CFtpControlSocket::ChangeDirSend()
14:32:55 Command: PWD
14:32:55 Trace: CFtpControlSocket::OnReceive()
14:32:55 Response: 257 "/home/me"
14:32:55 Trace: CFtpControlSocket::ResetOperation(0)
14:32:55 Trace: CControlSocket::ResetOperation(0)
14:32:55 Trace: CFtpControlSocket::ParseSubcommandResult(0)
14:32:55 Trace: FileTransferSubcommandResult()
14:32:55 Trace: CFtpControlSocket::SendNextCommand()
14:32:55 Trace: FileTransferSend()
14:32:55 Trace: CFtpControlSocket::SendNextCommand()
14:32:55 Trace: CFtpControlSocket::TransferSend()
14:32:55 Trace: state = 1
14:32:55 Command: TYPE A
14:32:55 Trace: CFtpControlSocket::OnReceive()
14:32:55 Response: 200 Switching to ASCII mode.
14:32:55 Trace: CFtpControlSocket::TransferParseResponse()
14:32:55 Trace: code = 2
14:32:55 Trace: state = 1
14:32:55 Trace: CFtpControlSocket::SendNextCommand()
14:32:55 Trace: CFtpControlSocket::TransferSend()
14:32:55 Trace: state = 2
14:32:55 Command: PASV
14:32:55 Trace: CFtpControlSocket::OnReceive()
14:32:55 Response: 227 Entering Passive Mode (66,129,90,142,172,167)
14:32:55 Trace: CFtpControlSocket::TransferParseResponse()
14:32:55 Trace: code = 2
14:32:55 Trace: state = 2
14:32:55 Trace: CFtpControlSocket::SendNextCommand()
14:32:55 Trace: CFtpControlSocket::TransferSend()
14:32:55 Trace: state = 4
14:32:55 Command: STOR junk4
14:32:55 Trace: CFtpControlSocket::OnReceive()
14:32:55 Response: 550 Requested action not permitted.
14:32:55 Trace: CFtpControlSocket::TransferParseResponse()
14:32:55 Trace: code = 5
14:32:55 Trace: state = 4
14:32:55 Trace: CFtpControlSocket::ResetOperation(2)
14:32:55 Trace: CControlSocket::ResetOperation(2)
14:32:55 Trace: CFtpControlSocket::ParseSubcommandResult(2)
14:32:55 Trace: FileTransferSubcommandResult()
14:32:56 Trace: CFtpControlSocket::ResetOperation(2)
14:32:56 Trace: CControlSocket::ResetOperation(6)
14:32:56 Error: Critical error
14:32:56 Trace: CFileZillaEnginePrivate::ResetOperation(6)
14:32:56 Trace: CFileZillaEnginePrivate::ResetOperation(0)
14:33:56 Status: Disconnected from server
14:33:56 Trace: CControlSocket::DoClose(64)
14:33:56 Trace: CFtpControlSocket::ResetOperation(66)
14:33:56 Trace: CControlSocket::ResetOperation(66)
14:33:56 Trace: CFileZillaEnginePrivate::ResetOperation(66)
14:33:56 Trace: CControlSocket::DoClose(64)
14:33:56 Trace: CFileZillaEnginePrivate::ResetOperation(0)
 
Old 09-24-2009, 01:51 PM   #14
DrLove73
Senior Member
 
Registered: Sep 2009
Location: Srbobran, Serbia
Distribution: CentOS 5.5 i386 & x86_64
Posts: 1,118
Blog Entries: 1

Rep: Reputation: 129
I hate to disappoint you, but psftp.exe is NOT FTP client, it is SFTP client, meaning that he connects to your SSH server, not your FTP server! Sorry, but answer A1 should be NO. When you connect via SSH tunnel, you automatically receive privileges assigned to your account by Linux system itself.

Ok. I will set presumed environment, and you correct me if I am wrong.

1. Your SFTP connection (psftp.exe) gives you write access.
2. When you try to connect with your username, like everyone else, you too can only read, but not write/upload/put your files and folders.
3. You said file permissions are properly set.

If all above is true, that means that your FTP server is set in a manner that allows only read privileges to your usernames, for usernames configured. Then you must change access privileges for those accounts/usernames you want to allow writing privileges.

EDIT: My assumptions seem correct, "14:32:55 Response: 550 Requested action not permitted." means the server denied your request to write/upload the file.

Last edited by DrLove73; 09-24-2009 at 01:55 PM.
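
Added example, not part of any post in this thread: a Python sketch that reads a FileZilla-style debug trace like the one in post #13, pairs each command with the server's final reply, and lists the commands the server refused, which is how the 550 on STOR is singled out above. The trace, its documentation addresses, and the function names are constructed for illustration.

```python
import re

# Constructed trace in the shape of the FileZilla debug output above (documentation IPs).
SAMPLE_LOG = """\
14:32:35 Response: 220 (vsFTPd 2.0.5)
14:32:35 Command: PASS ********
14:32:55 Response: 230 Login successful.
14:32:55 Command: FEAT
14:32:55 Response: 211-Features:
14:32:55 Response:  PASV
14:32:55 Response: 211 End
14:32:55 Command: PASV
14:32:55 Response: 227 Entering Passive Mode (192,0,2,10,172,167)
14:32:55 Command: STOR junk4
14:32:55 Response: 550 Requested action not permitted.
"""

LINE = re.compile(r"^(?:\d\d:\d\d:\d\d\s+)?(Command|Response):\s?(.*)$")
FINAL = re.compile(r"^(\d{3}) (.*)$")   # "NNN text" ends a reply; "NNN-" continues it
PASV = re.compile(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

def parse_trace(text):
    """Pair each FTP command with the final reply line the server sent for it."""
    exchanges, current = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                      # Status:/Trace:/Error: lines are client-side
        kind, body = m.groups()
        if kind == "Command":
            current = {"command": body, "code": None, "reply": None}
            exchanges.append(current)
        elif current and current["code"] is None and (f := FINAL.match(body)):
            # The 220 greeting arrives before any command and is skipped (current is None).
            current["code"], current["reply"] = int(f.group(1)), f.group(2)
    return exchanges

def refused(exchanges):
    """Commands the server rejected: 4xx is a transient refusal, 5xx a permanent one."""
    return [(e["command"], e["code"], e["reply"])
            for e in exchanges if e["code"] is not None and e["code"] >= 400]

def pasv_endpoint(reply):
    """Decode a 227 reply's (h1,h2,h3,h4,p1,p2) tuple; None if it is malformed."""
    m = PASV.search(reply or "")
    nums = [int(n) for n in m.groups()] if m else []
    if not nums or max(nums) > 255:
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]
```

On the sample, login (230) and the passive-mode negotiation (227) both succeed and only STOR is refused, so the denial is on the write itself and not on authentication or on opening the data channel.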
 
Old 09-24-2009, 08:29 PM   #15
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,359

Rep: Reputation: 2751
Following on from DrLove73:

1. As he/she said, sftp uses the ssh protocol/port and has nothing(!) to do with ftp.
Please be careful to distinguish experiments between the two services.

2. if you can eg read but not write to an ftp server, that's an issue at the server end. eg permissions/server cfg settings.

3. note 2 applies equally to sftp; separately.

4. if some people cannot connect to eg ftp, you need to be specific about what cmd they use and what msg they get; show an example.
It could be the ftp server cfg or it could be the firewall (not necessarily on the ftp server) or it could be /etc/hosts.allow, /etc/hosts.deny.

5. note 4 applies equally to sftp; separately again.
 
  

