jchilders_98
asked on
Problem accessing RedHat 9 FTP (vsftpd)
I got vsftpd working inside the network; i.e. I can use a win32 FTP client to access my RedHat server at 192.168.1.200. However, when I tried this morning from a remote location using the static IP, I can *connect*, see the welcome message I configured, and see that I am in my home dir. But (1) I cannot see any files or subdirs, and (2) if I try to upload something it gives an error (not too informative) and crashes my win32 FTP client.
Where should I look next and/or how do I get the FTP working? The ultimate goal is to give the web designer access using DreamWeaver MX to his various web directories.
Where should I look next and/or how do I get the FTP working? The ultimate goal is to give the web designer access using DreamWeaver MX to his various web directories.
ASKER
Thanks, I have forwarded both ports 20 and 21 to the RedHat box. I'm connecting to the server from outside (again, I get the welcome message and see my home dir) so I don't think it's a routing issue...
ASKER
In case that wasn't clear, I HAD ALREADY forwarded the posts -- I still CANNOT connect using FTP. (sorry if that was confusing).
man vsftpd.conf - all the options u need to consider are explained there.
Look for the following options:
chroot_list_enable
chroot_list_file
local_root
Look for the following options:
chroot_list_enable
chroot_list_file
local_root
For an FTP server you need ports 1024-65335 forwarded in addition to ports 20 & 21.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I tried forwarding ports 1024-65335 to the server; when I apply the forwarding, the 'net drops (i.e. no connection). Had to un-forward them. Haven't had time to try the other suggestions yet.
ASKER
Hmm.. well, it works OK with ports 1024-2048 forwarded. I'll give that a try from an external user and see what happens.
ASKER
Turns out I lose Internet access with ports 1024-2048 forwarded. Had to abort that experiment.
More information:
Here's what the FTP command line returns when I try to connect remotely (ids changed to x's):
C:\Documents and Settings\JChilders>ftp xx.xx.xxx.xxx
> ftp: connect :Unknown error number
ftp>
Gotta love 'unknown' error messages. Sigh.
More information:
Here's what the FTP command line returns when I try to connect remotely (ids changed to x's):
C:\Documents and Settings\JChilders>ftp xx.xx.xxx.xxx
> ftp: connect :Unknown error number
ftp>
Gotta love 'unknown' error messages. Sigh.
Because of the need to have the FTP server respond to random, passive client initiated, connections in the 1024-65535 range I don't know how you'd run an FTP server with only a single IP and use that same IP for a NAT'ing firewall. If you could substitute scp or sftp for FTP there wouldn't be any problems with the firewall.
ASKER
THE ANSWER
I finally figured out what the problem was. Took forever. It seems that I had to add this line to the /etc/xinetd.d/vsftpd file in order for changes to the vsftpd.conf file to actually do anything:
server_args = /etc/vsftpd/vsftpd.conf
Without that, I was just passing time.....
I finally figured out what the problem was. Took forever. It seems that I had to add this line to the /etc/xinetd.d/vsftpd file in order for changes to the vsftpd.conf file to actually do anything:
server_args = /etc/vsftpd/vsftpd.conf
Without that, I was just passing time.....
should have read man page more carefully.
NAME
vsftpd.conf, the config file for vsftpd
DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By default, vsftpd looks for this file at the location /etc/vsftpd.conf. However, you may override this by specifying a command line argument to vsftpd. The command line argument is the pathname of the configuration file for vsftpd. This behaviour is useful because you may wish to use an advanced inetd such as xinetd to launch vsftpd with different configuration files on a per virtual host basis.
NAME
vsftpd.conf, the config file for vsftpd
DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By default, vsftpd looks for this file at the location /etc/vsftpd.conf. However, you may override this by specifying a command line argument to vsftpd. The command line argument is the pathname of the configuration file for vsftpd. This behaviour is useful because you may wish to use an advanced inetd such as xinetd to launch vsftpd with different configuration files on a per virtual host basis.
ASKER
Unless I'm missing something, it is not generally obvious that:
(a) Redhat provides a default xinetd configuration with vsftpd installed and running, and,
(b) creates a vsftpd directory in /etc, and
(c) places a vsftpd.conf file in that directory, and finally
(d) fails to add a single line to the xinetd.d/vsftpd file to connect it to the configuration file that was already created.
For what it's worth, I read the man page for vsftpd very carefully, more than once, and still was unable to determine this "obvious" solution. You might not want to assume that everyone has your level of knowlege.
(a) Redhat provides a default xinetd configuration with vsftpd installed and running, and,
(b) creates a vsftpd directory in /etc, and
(c) places a vsftpd.conf file in that directory, and finally
(d) fails to add a single line to the xinetd.d/vsftpd file to connect it to the configuration file that was already created.
For what it's worth, I read the man page for vsftpd very carefully, more than once, and still was unable to determine this "obvious" solution. You might not want to assume that everyone has your level of knowlege.
Dear jchilders_98,
Redhat has to support so many different kind of ftp option that it can not put default entry into xinetd config.
i think it should have been done in vsftpd install, may be u can file a bug for vfstpd.
Redhat has to support so many different kind of ftp option that it can not put default entry into xinetd config.
i think it should have been done in vsftpd install, may be u can file a bug for vfstpd.
ASKER
When installing Redhat, the user is presented with a selection of potential uses: workstation, server etc. Click on select packages and you will see the options Redhat offers for various components. Under the "Servers" option, you will find vsftpd, selected by default. Pro_FTP is also on the CD but is selected-off by default.
Generally speaking, it is super that the distro installs and attempts to configure all these servers with default settings. Everything else worked wonderfully; ftp (as noted) was *almost* perfect and would have worked right out of the box if only the xinetd.d/vsftpd config file had included the cited entry.
I'm still very happy with Redhat in spite of this issue. Samba for example came right up as installed even though I updated the package using the most current RPM from the Samba site. I probably lost about 4 hours on this crazy ftp thing but have learned an important lesson: first, make sure that the changes you are making to config files are actually changing something.
Tho, come to think of it, the welcome message *did* change which threw me off. Must be a quirk about vsftpd. Hmm, maybe I should file a bug report as you suggested. In any case, changing the xinetd.d/vsftpd file produced an instant, successful result.
Generally speaking, it is super that the distro installs and attempts to configure all these servers with default settings. Everything else worked wonderfully; ftp (as noted) was *almost* perfect and would have worked right out of the box if only the xinetd.d/vsftpd config file had included the cited entry.
I'm still very happy with Redhat in spite of this issue. Samba for example came right up as installed even though I updated the package using the most current RPM from the Samba site. I probably lost about 4 hours on this crazy ftp thing but have learned an important lesson: first, make sure that the changes you are making to config files are actually changing something.
Tho, come to think of it, the welcome message *did* change which threw me off. Must be a quirk about vsftpd. Hmm, maybe I should file a bug report as you suggested. In any case, changing the xinetd.d/vsftpd file produced an instant, successful result.
Dear jchilders_98,
Were u suppose to choose my answer, if u choose wrong answer please post it to CS for help.
thanks,
Shiv
Were u suppose to choose my answer, if u choose wrong answer please post it to CS for help.
thanks,
Shiv
I have similar experience.
After I re-start the service vsftpd with the firewall setting allow FTP. Everything works. Certainly, the user need to be in FTP user.
After I re-start the service vsftpd with the firewall setting allow FTP. Everything works. Certainly, the user need to be in FTP user.
And/or use PASV mode transfers