Solved

Problem accessing RedHat 9 FTP (vsftpd)

Posted on 2003-11-17
17
7,467 Views
Last Modified: 2010-03-18
I got vsftpd working inside the network; i.e. I can use a win32 FTP client to access my RedHat server at 192.168.1.200. However, when I tried this morning from a remote location using the static IP, I can *connect*, see the welcome message I configured, and see that I am in my home dir. But (1) I cannot see any files or subdirs, and (2) if I try to upload something it gives an error (not too informative) and crashes my win32 FTP client.

Where should I look next and/or how do I get the FTP working? The ultimate goal is to give the web designer access using DreamWeaver MX to his various web directories.
0
Comment
Question by:jchilders_98
  • 8
  • 4
  • 2
  • +2
17 Comments
 
LVL 5

Expert Comment

by:arjanh
ID: 9767019
If you are behind a firewall, allow both ports 20 and 21
And/or use PASV mode transfers
0
 

Author Comment

by:jchilders_98
ID: 9767043
Thanks, I have forwarded both ports 20 and 21 to the RedHat box. I'm connecting to the server from outside (again, I get the welcome message and see my home dir) so I don't think it's a routing issue...
0
 

Author Comment

by:jchilders_98
ID: 9767235
In case that wasn't clear, I HAD ALREADY forwarded the posts -- I still CANNOT connect using FTP. (sorry if that was confusing).
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 24

Expert Comment

by:shivsa
ID: 9768635
man vsftpd.conf - all the options u need to consider are explained there.

Look for the following options:

chroot_list_enable
chroot_list_file
local_root
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9769277
For an FTP server you need ports 1024-65335 forwarded in addition to ports 20 & 21.
0
 
LVL 5

Accepted Solution

by:
arjanh earned 250 total points
ID: 9769398
OR you use passive transfers (with the PASV command in your FTP client) to let the client initiate both data and command connections. Perhaps the remote site has a firewall as well that is causing the troubles....

I had the same problem as you describe, and using passive mode worked.

Active versus passive mode is explained very clearly here: http://slacksite.com/other/ftp.html
0
 

Author Comment

by:jchilders_98
ID: 9772433
I tried forwarding ports 1024-65335 to the server; when I apply the forwarding, the 'net drops (i.e. no connection). Had to un-forward them. Haven't had time to try the other suggestions yet.
0
 

Author Comment

by:jchilders_98
ID: 9772446
Hmm.. well, it works OK with ports 1024-2048 forwarded. I'll give that a try from an external user and see what happens.
0
 

Author Comment

by:jchilders_98
ID: 9772800
Turns out I lose Internet access with ports 1024-2048 forwarded.  Had to abort that experiment.

More information:
Here's what the FTP command line returns when I try to connect remotely (ids changed to x's):

  C:\Documents and Settings\JChilders>ftp xx.xx.xxx.xxx
  > ftp: connect :Unknown error number
  ftp>

Gotta love 'unknown' error messages. Sigh.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9779262
Because of the need to have the FTP server respond to random, passive client initiated, connections in the 1024-65535 range I don't know how you'd run an FTP server with only a single IP and use that same IP for a NAT'ing firewall. If you could substitute scp or sftp for FTP there wouldn't be any problems with the firewall.
0
 

Author Comment

by:jchilders_98
ID: 9791534
THE ANSWER

I finally figured out what the problem was. Took forever. It seems that I had to add this line to the /etc/xinetd.d/vsftpd file in order for changes to the vsftpd.conf file to actually do anything:

server_args = /etc/vsftpd/vsftpd.conf

Without that, I was just passing time.....
0
 
LVL 24

Expert Comment

by:shivsa
ID: 9792007
should have read man page more carefully.

NAME
vsftpd.conf, the config file for vsftpd
DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By default, vsftpd looks for this file at the location /etc/vsftpd.conf. However, you may override this by specifying a command line argument to vsftpd. The command line argument is the pathname of the configuration file for vsftpd. This behaviour is useful because you may wish to use an advanced inetd such as xinetd to launch vsftpd with different configuration files on a per virtual host basis.
0
 

Author Comment

by:jchilders_98
ID: 9796561
Unless I'm missing something, it is not generally obvious that:
(a) Redhat provides a default xinetd configuration with vsftpd installed and running, and,
(b) creates a vsftpd directory in /etc, and
(c) places a vsftpd.conf file in that directory, and finally
(d) fails to add a single line to the xinetd.d/vsftpd file to connect it to the configuration file that was already created.

For what it's worth, I read the man page for vsftpd very carefully, more than once, and still was unable to determine this "obvious" solution. You might not want to assume that everyone has your level of knowlege.
0
 
LVL 24

Expert Comment

by:shivsa
ID: 9798053
Dear jchilders_98,

Redhat has to support so many different kind of ftp option that it can not put default entry into xinetd config.
i think it should have been done in vsftpd install, may be u can file a bug for vfstpd.
0
 

Author Comment

by:jchilders_98
ID: 9800150
When installing Redhat, the user is presented with a selection of potential uses: workstation, server etc. Click on select packages and you will see the options Redhat offers for various components. Under the "Servers" option, you will find vsftpd, selected by default.  Pro_FTP is also on the CD but is selected-off by default.

Generally speaking, it is super that the distro installs and attempts to configure all these servers with default settings. Everything else worked wonderfully; ftp (as noted) was *almost* perfect and would have worked right out of the box if only the xinetd.d/vsftpd config file had included the cited entry.

I'm still very happy with Redhat in spite of this issue. Samba for example came right up as installed even though I updated the package using the most current RPM from the Samba site. I probably lost about 4 hours on this crazy ftp thing but have learned an important lesson: first, make sure that the changes you are making to config files are actually changing something.

Tho, come to think of it, the welcome message *did* change which threw me off. Must be a quirk about vsftpd. Hmm, maybe I should file a bug report as you suggested. In any case, changing the xinetd.d/vsftpd file produced an instant, successful result.
0
 
LVL 24

Expert Comment

by:shivsa
ID: 9803456
Dear  jchilders_98,

Were u suppose to choose my answer, if u choose wrong answer please post it to CS for help.

thanks,
Shiv
0
 

Expert Comment

by:jackypkh
ID: 10160564
I have similar experience.
After I re-start the service vsftpd with the firewall setting allow FTP. Everything works. Certainly, the user need to be in FTP user.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
*STABLE* and free Linux Firewall distribution 6 87
Debian: failing to add netwok bridge for kvm 2 110
linux 2 101
Can't get /etc/resolv.conf to configure after reboot 8 96
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question