SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've checked to make sure it's running with netstat, and restarted inetd after changing the conf files.
I'm not sure what else I should try! When I try and connect to it with a remote ftp client it won't even get to username stage.
I'm using the vsftpd package and installing with pkgtool. I don't have an ftp client installed or any compilers as I'm trying to keep the installation as minimal as possible.
I've also got Apache installed and running, along with mysql and php.
I've checked hosts.deny and it's pretty spartan, and what little there is in there is all commented out anyway.
My Slackware install is very, very basic! Just installed the slackware telnet client and tried that, and got the following:
sh-3.1# telnet localhost 21
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
I'm at a bit of a loss as to why it won't work. I am a bit of a newbie, but have managed to get everything else I need for a working web server sorted (apache, mysql, php), only to fail at the last hurdle on the ftp server! I've done extensive googling and forum trawling and cannot seem to find any answers on it.
vsftpd doesn't have any dependencies does it? - although I guess if it did and I were missing any packages I'd get some form of error when starting inetd?
I'm not sure what else I should try! When I try and connect to it with a remote ftp client it won't even get to username stage.
When you say remote, do you mean a client on your LAN or a client out on the internet? The reason I'm asking is that the different scenarios might need some different port forwarding. Have a read through this on the difference between active and passive FTP to see what ports you might need to open.
Hangdog42 - thanks for that, will have a read through that and see if the problem is there.
It's a virtual server in a data center somewhere. Am trying to use it with an FTP client on my desktop at home, so don't have LAN access unfortunately.
Can you connect to it via localhost? Try running your FTP client on the same box as the FTP server. If that works, paste the output of the following command run on the server:
tcpdump -i eth0 -n tcp port 21
And while that's running, attempt to connect to the FTP service from another box. That will tell us if the server is ever seeing the connection attempt.
Doesn't Slackware come with all ports open as default?
There is no default firewall if that is what you mean.
Have you looked in the log files to see if vsftpd is complaining about anything?
Quote:
Originally Posted by jm_5
Then this is what the server gets whilst I try to connect using filezilla from my laptop
When I've used filezilla as a client, I've had to force it to use passive mode (I think the default is to let it choose) otherwise it wouldn't connect. Have you tried a different FTP client or maybe forcing filezilla to use passive mode?
Thanks for your help Hangdog, I've struggled with this on and off for the last couple of weeks reading on forums and manpages etc, and still not having any joy!
There are no vsftpd Log files visible in /var/log as would be expected. I've played around with vsftpd.conf some more and expanded it to include the following, but to no avail:
I've also tried making Filezilla use passive mode, and also to connect with another ftp client - this fails as before, however shows up on the server with tcpdump as it does with Filezilla. So basically exactly the same behaviour as Filezilla.
I'm about ready to give up on it, however I figure it must work one way or another + once it's done I won't have to worry about it, and it would be really handy to get it working.
OK, lets start with some basics (and I know you've done some of this already, but lets make sure). First, use netstat -pantu and make sure that inetd is listening on port 21. Also look at the output of iptables -L -n and make sure that there isn't a firewall in place.
Otherwise, looking at your vsftpd.conf, I think it may be a bit too spartan. Just for giggles, here is mine, and at least on my rig it definitely works with inetd. In particular, I'm worried that the connect_from_port_20=YES line is missing. Also, vsftpd leave a record of connections in /var/log/secure. You might look in there to see if there is even a connection made.
Code:
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
# anonymous_enable=YES
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Welcome to my FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode (rather
# than from inetd) and listens on IPv4 sockets. To use vsftpd in standalone
# mode rather than with inetd, either change the line below to 'listen=YES'
# or comment it out. This directive cannot be used in conjunction with the
# listen_ipv6 directive.
listen=NO
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
#
#TDP Additions
#
chroot_local_user=YES
pasv_min_port=50000
pasv_max_port=51000
iptables is not installed - when I try and run it it just says command not found.
That is really weird. Did you do a full install of Slackware or did you remove packages? Iptables is one of the core commands and the fact that it isn't there (I'm assuming you were root when trying to run it), suggests something wrong with the install. If you weren't root, that would explain this because it is in /usr/sbin, which isn't in a normal users PATH.
Quote:
Originally Posted by jm_5
var/log/secure is totally blank, and the other log files don't even exist - not sure why?
Um, you have no files in /var/log? If so, this is really looking like something went horribly wrong on install.
Quote:
Originally Posted by jm_5
Then when I try and connect it changes to the following:
Just to make sure, when you make changes to vsftpd.conf, do you restart inted?
It's a very minimal install of Slackware offered by my VPS hosting provider.
So it comes with very little out the box - anything I needed, I had to add the packages required together with any dependencies.
Have managed to get Apache, MySQL and PHP working without any problems, but VSFTPD is proving a bit of a stumbling block! I've installed it from the vsftpd package in the n disk set (http://www.mirrorservice.org/sites/f...0/slackware/n/).
I am running all commands as root, so iptables definitely isn't installed. Do I need it?
There are files in var/log for other things, but nothing for VSFTPD, eg xferlog and vsftpd.log
Yeah, am restarting inetd each time. The code snippets in my last post were cut and pasted in wrong order, so please don't pay any attention to process ids, as I've just noticed that they don't really tally up!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.