Solved

Unable to Connect Via FTP

Posted on 2013-11-05
109
1,194 Views
Last Modified: 2013-11-20
Hello Experts,

I was wondering if any of you experts could help with a problem I am experiencing in connecting to my website via FTP.

I set up the FTP user in Plesk, but when I try and access it via both Dreamweaver and Filezilla I get an "Could not connect to the server" error.

Does anyone have any ideas as to what the problem could be?
0
Comment
Question by:OmniUnlimited
  • 46
  • 41
  • 11
  • +1
109 Comments
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Ports/encryption?  Is this plain vanilla (insecure) FTP on port 21 or SFTP on port 22?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Plain vanilla.  To be honest with you, I don't see many options for changing such configurations.  Course, I'm new to Plesk, so I might be missing something.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
If you telnet to the server on port 21 do you see the 220 welcome message or a connection failure?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
I get a blank screen with a blinking cursor, then after a few moments, it returns me to the command prompt.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Command prompt meaning successful login?  Issue a pwd command and see what happens?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
No, command prompt meaning that I return to the same command prompt I had when I issued the telnet command.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
So that would tend to indicate something is misconfigured server side.  Assuming your credentials are correct, try doing it one more time with PuTTY to see if simple telnet is disabled for security reasons.

If you can't get in with any FTP client, telnet or PuTTY, you've got some deeper issues.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
I can log in just fine with Putty.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Okay!  Now we're cooking.

My guess is this is a security/ports issue.  Try reconfiguring Filezilla and/or Dreamweaver to connect using SFTP.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
SFTP does not work.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
Did you telnet to the default telnet port 23 or did you try 21 for FTP and 22 for SFTP?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
I did not specify ports.  Dreamweaver CS3 does not provide the option and I left the port blank in Filezilla.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
if you telnet without specifying a port it attempts to connect on the telnet port 23 .... try with 21 and 22
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Sorry AlexPace, I read your comment wrong this morning.  We were just talking about connecting via Dreamweaver and Filezilla so I assumed you were following the same line of comments.  I see your comments, however, are referring to telnetting.

Here is what happens when I telnet the ports:

telnet port 23 gives a "Could not open connection to the host" error.
telnet port 22 allows me to connect under SFTP.
telnet port 21 gives me a blank screen with a blinking cursor which then returns me after a while to the original command prompt I had when I made the telnet request.

Now, seeing that port 22 let me in, I tried using Filezilla set to port 22 and using the username and password I had set up in Plesk.  Filezilla gave me a "Connection closed by server with exitcode 1" error then a "Could not connect to the server" error.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
Does the welcome message on port 22 mention SSH?  You might also try using WinSCP to make an SFTP connection... it has pretty good logging that can be enabled.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Hi AlexPace,

You know I am real sorry for the delay in responding to you.  I wasn't even aware that you had posted.  I don't know if maybe I accidently deleted the email notification of your post or what.

Telnetting port 22 gives the following prompt:  SSH-2.0-OpenSSH_5.3.

Using WinSCP gives me an interesting experience.  When I try to connect, it shows me the following:

Searching for host...
Connecting to host...
Authenticating...
Using username "someuser".
Authenticating with pre-entered password.
Authenticated.
Starting session...

Then, all of a sudden a dialog box opens up that says, "Connection has been unexpectedly closed.  Server sent command exit status 1.  Cannot initialize SFTP protocol.  Is the host running an SFTP server?"

To the question, "Is the host running an SFTP server?", I would probably say, "No".

What now?
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
To the question, "Is the host running an SFTP server?", I would probably say, "No".

I would actually say "Yes" but it's misconfigured.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
@jason1178: Really?  Do you know how to fix this?
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
No, this is the point in time that I open a ticket with my hosting provider :)  

My server-fu is weak.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Hmm.  And our hosting company is poor.  They charge for anything they do and they never can explain exactly what it is they are doing.  I'd like to avoid that if at all possible.

How do you know the server is misconfigured?
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
SSH-2.0-OpenSSH_5.3 is the welcome banner from the SFTP server software on the remote computer.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
@AlexPace: Ok, so how do I connect?
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
How do you know the server is misconfigured?

Because it lets you get all the way through the user validation and connects and then immediately boots you out.  If the user information was wrong, you'd see a different message.

And our hosting company is poor.  They charge for anything they do and they never can explain exactly what it is they are doing

Well, there's a fix for that too.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
@jason1178:

Well, there's a fix for that too.

Jason, I know, but time is at a premium, and I need this fixed now?
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
It sounds like you were able to connect on a network level but not able to complete user authentication... or you were disconnected by something external to your SFTP client software.

Given that you suspect an issue with your network provider, if I were you I would load up an SFTP client on a laptop and go over to some coffeeshop with free Wifi and see if you can connect to the server over someone else's network... maybe take it home and try from there where you can fiddle with your firewall yourself if needed.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
@AlexPace:

It sounds like you were able to connect on a network level but not able to complete user authentication...

I'm not understanding that.  The WinSCP output (see comment ID: 39631510) showed that the connection authenticated using the username and password provided.

... or you were disconnected by something external to your SFTP client software.

What could possibly do that, and how can I check?  

Given that you suspect an issue with your network provider

I do not suspect an issue with my network provider.  I suspect an issue with the server and how it is set up.  Since the suspicion is on the server and not the network connection I don't see how hooking up to an external network will resolve any issues.  If it were a network connection issue, I would not expect the type of error messages that I am getting.  I would expect more an "unable to connect" or "connection lost" error.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
I don't think it's your connection either. If this was a "port being blocked by the ISP" issue you wouldn't get all the way through, it would die at the first step.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
The WinSCP output (see comment ID: 39631510) showed that the connection authenticated using the username and password provided.

SFTP, unlike FTP, is a binary protocol.  That means the authentication success message did not come directly from the server but rather was generated by the WinSCP client based on the return code from the server.  Yes, it is likely that the server accepted your login credentials and then bumped you on an IP address whitelist check or the account expired/locked out but we can't be 100% sure that the server actually accepted your login because that message you see was generated by WinSCP rather than by the server software.

Assuming the server configuration is the area where you have the least control and may face reluctance from the remote administrator, you would be in a strong position to say its not your computer and its not your network if the exact same thing happens from a laptop connected to a 3rd party network.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
What could possibly do that, and how can I check?  

Some kind of security software that scans traffic and terminates connections rather than blocking them.  You could check by attempting to connect from a different machine outside this network.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
we can't be 100% sure that the server actually accepted your login because that message you see was generated by WinSCP rather than by the server software.

So how can we be sure?

Assuming the server configuration is the area where you have the least control

No, I'm sorry, but that assumption is wrong.  The reason I dislike our host is because they basically leave everything in our hands and I really don't know what I am doing.

I can control almost everything, IF I knew what I was doing.

You could check by attempting to connect from a different machine outside this network

Ok, tried connecting outside of the network.  Same results.  How can I find out if the server has such a security program running?
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
Since you have access to the server the next thing to do is look at the server configuration.  Check to see if the login account is marked locked out or expired.  Check the access control list to see if it has a blacklist/whitelist that needs to be modified.

You can tease out the difference between account configuration and server configuration by creating a test account and seeing if that works.

If nothing else, the server's log file should show an answer.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Check to see if the login account is marked locked out or expired.

How do I do this?

Check the access control list to see if it has a blacklist/whitelist that needs to be modified.

Ditto.

You can tease out the difference between account configuration and server configuration by creating a test account and seeing if that works.

The FTP account I set up is a test account.

If nothing else, the server's log file should show an answer.

Which log?  The access log, error log, SSL log, etc?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Have you tried just at the windows command prompt??  Did that show a login?

> ftp www.mydomain.com

port 22 is for ssh connections.  SFTP utilises SSH for file transfer on the same port (22).

Let me know how you go with the ftp from the command prompt
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Windows command prompt ftp attempt gave me a "Connected to xx.xx.xx.xx.  Connection closed by remote host."
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
How long before the "connection closed by remote host"our did it happen right away?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Then you know ftp is running à accepting connections that port. When you tried logging in with filezilla, what did the log window show?
Just wanted to confirm but it really does sound like a hosting issue.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
As a final check, please use the command line ftp and connect to:
FTP server: ftp.bjaconsulting.com.au

Does that connect ok our sites drop the connection as well?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
The "Connection closed by remote host" happened pretty fast.  Almost instantaneously.

Filezilla reports similar errors upon attempts to connect at port 21: "Connection established, waiting for welcome message... Could not connect to server"

FTP to ftp.bjaconsulting.com.au gave me a prompt for a user, one step further than what I got with my server.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Almost certainly an issue then with your host as you ruled out an issue with your network or your network provider being able to connect to my ftp.  
Your host is dropping connections so you'll need to contact their support team to find out why.  Though from what you've said above I'm not sure how well that would go?  You don't have much faith in them?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
No, I don't.  Like I said, they pretty much left everything in my hands, and the whole purpose of this question is to find out what I can do to the server to make the ftp work.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
Comment Utility
Are we absolutely sure that the hosting provider allows traffic in on port 22?

the whole purpose of this question is to find out what I can do to the server to make the ftp work.

There may not be anything you can do.  We still haven't nailed it down to this specific server or something systemic at the hosting provider level.  That's why (among other reasons) we keep asking you to reach out to them.

Just wild guessing again, but if you have root access check /etc/ssh/sshd_config and look for AllowUsers.  Add the user you are trying to login with and restart the service.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
As @jason1178 has eluded to, how much control do you have over the server?  I've assumed it was a hosted service where you can't modify config files or restart services... is this not the case?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
@jason1178: here is the /etc/ssh/sshd_config file:

#	$OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile	.ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes

# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	ForceCommand cvs server

Open in new window


As you can see, there is no AllowUsers present in the file.  Can you look everything over and suggest any changes?  Also, which service should I restart?  Apache?

@tagit:

how much control do you have over the server?

I pretty much control everything.

I've assumed it was a hosted service where you can't modify config files or restart services... is this not the case?

Maybe you didn't see my comment in ID: 39633737 where I said, "I can control almost everything, IF I knew what I was doing."
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
No must've missed that one *grin*
What about your vsftp config file? Are you wanting SCP/SFTP or is regular ftp ok?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
OK, remember my comment "IF I knew what I was doing".  Where do I find the vsftp config file?  What is its file name?  Right now, any FTP connection would be great.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Ok I'm on the same page now :)

It will be in /etc or /etc/vsftp as vsftp.conf

Please post that
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Hmm.  No such file?  I even did a whereis vsftp.conf.
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
I guess I was under the mistaken impression that you could only use Plesk.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Nope, I guess I am just a multi-talented person. :)
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
/etc/proftpd.conf bring any more luck, given it's plesk?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Hi tagit, sorry for the delay...

Here is proftpd.conf:

#
# To have more informations about Proftpd configuration
# look at : http://www.proftpd.org/
#

# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD"
#ServerType			standalone
ServerType			inetd
DefaultServer			on

<Global>
DefaultRoot	~		psacln
AllowOverwrite		on
<IfModule mod_tls.c>
	# common settings for all virtual hosts
	TLSEngine on
	TLSRequired off

	TLSLog /usr/local/psa/var/log/ftp_tls.log

	TLSRSACertificateFile /usr/local/psa/admin/conf/httpsd.pem
	TLSRSACertificateKeyFile /usr/local/psa/admin/conf/httpsd.pem

	# Authenticate clients that want to use FTP over TLS?
	TLSVerifyClient off

	# Allow SSL/TLS renegotiations when the client requests them, but
	# do not force the renegotations.  Some clients do not support
	# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
	# clients will close the data connection, or there will be a timeout
	# on an idle data connection.
	TLSRenegotiate none

	# As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections 
	# that reuse the SSL session of the control connection, as a security measure.
	# Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions. 
	TLSOptions NoSessionReuseRequired
</IfModule>
</Global>

DefaultTransferMode	binary
UseFtpUsers			on

TimesGMT			off
SetEnv TZ :/etc/localtime
# Port 21 is the standard FTP port.
Port				21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			30

#Following part of this config file were generate by PSA automatically
#Any changes in this part will be overwritten by next manipulation 
#with Anonymous FTP feature in PSA control panel.

#Include directive should point to place where FTP Virtual Hosts configurations
#preserved

ScoreboardFile /var/run/proftpd/scoreboard

# Primary log file mest be outside of system logrotate province

TransferLog /usr/local/psa/var/log/xferlog

#Change default group for new files and directories in vhosts dir to psacln

<Directory /var/www/vhosts>
	GroupOwner	psacln
</Directory>

# Enable PAM authentication
AuthPAM on
AuthPAMConfig proftpd

IdentLookups off 
UseReverseDNS off

AuthGroupFile	/etc/group

Include /etc/proftpd.include

Open in new window

0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Thanks, I'll take a look through that.  On the server can you "tail -f /var/log/messages" and try a ftp connection and see if anything is logged.
Repeat for /usr/local/psa/var/log/xferlog if it exists.

Log files are the most logical place to start as they will hopefully indicate an issue.  The ftp daemon is obviously running ok and the connection is made but then dropped so hopefully it will be in the log.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Thanks tagit, did what you asked and no joy.  /var/log/messages remains unchanged after an FTP attempt using Filezilla.

/usr/local/psa/var/log/xferlog exists but contains 0 bytes.
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
My gut feeling is that it is an authentication issue around anonymous connections but I can't be sure.

It would be a good idea to backup that conf file, ie cp /etc/profited.conf /etc/proftpd.conf.bak

And try these configurations in the order on the page as they are known to work,  I would still comment out the standalone and use inetd but that would be the only change.

http://www.proftpd.org/docs/example-conf.html
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Sorry tagit.  Kinda late here and I gotta go to bed.  I'll try these in the morning.

Thanks!
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
no problem - end of my day as well so that works in nicely :)
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Hey tagit,

Sorry, today I got tied up with some unexpected urgencies.  I went ahead and made a backup of the proftpd.conf file and copied the basic example to the server.  Then it occurred to me, "Do I need to restart something in order for this configuration file to load?"  I did some checking and it appears that I do need to restart proftpd on the server.  This article at http://www.proftpd.org/docs/howto/Stopping.html tells me that there may be several proftpd processes running at once, and so, being curious, I checked using a ps aux | grep proftpd command.  I found no processes.

Doesn't this mean that proftpd is not running?  Should it be?  Could another FTP process be running instead?

Thanks.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
I also had the same thought and have been meaning to come back to you! :)  Yes you would need to restart it.

We may end up trying to run it as a standalone but for now try with the service.

/etc/init.d/proftpd restart

What does that spit out at you?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
It spits out

-bash: /etc/init.d/proftpd: No such file or directory

Open in new window


besides, the way proftpd is started and stopped appears to be through the use of signals (see the article I posted above.)
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
I've been referencing the same article you posted.  You've specified inetd as the ServerType so there should be a a relevant script in /etc/init.d relating to the ftp server.

If there isn't a script in that directory then it hasn't been installed as a service.

If that's the case then change the server type to be standalone and start the server manually to check that it works before installing it as a service.

so in the conf file comment out the line ServerType inetd and uncomment the line above ServerType standalone.

at the shell, /usr/local/sbin/proftpd
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Ok tagit, sorry again.  The urgencies of the day have left me beat.  I gotta go again.  I'll work on this tomorrow.

Thanks!
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
no worries - catch up with you tomorrow
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Sorry about that tagit.  I was really bushed after yesterday's events.

Ok, I went ahead and did as you suggested, inspecting /etc/init.d/ for any suggestions of an ftp server.  I found none.

Here is the folder contents so you can take a look at it.  Maybe I missed something:

# ls -alhls
total 352K
4.0K drwxr-xr-x.  2 root root 4.0K Nov 14 03:49 .
4.0K drwxr-xr-x. 10 root root 4.0K Sep 17 13:23 ..
4.0K -rwxr-xr-x.  1 root root 1.3K Feb 22  2013 abrt-ccpp
4.0K -rwxr-xr-x.  1 root root 1.6K Feb 22  2013 abrtd
4.0K -rwxr-xr-x.  1 root root 1.7K Feb 22  2013 abrt-oops
4.0K -rwxr-xr-x.  1 root root 1.7K Aug 18  2010 acpid
4.0K -rwxr-xr-x.  1 root root 2.1K Jan 30  2012 atd
4.0K -rwxr-xr-x.  1 root root 3.3K Jun 22  2012 auditd
4.0K -r-xr-xr-x.  1 root root 1.4K Feb 21  2013 blk-availability
4.0K -rwxr-xr-x   1 root root 2.1K Aug 18 23:16 courier-authdaemon
4.0K -rwxr-xr-x   1 root root 2.2K Jul 10 06:12 courier-imapd
4.0K -rwxr-xr-x   1 root root 2.3K Jul 10 06:12 courier-imaps
4.0K -rwxr-xr-x   1 root root 2.2K Jul 10 06:12 courier-pop3d
4.0K -rwxr-xr-x   1 root root 2.4K Jul 10 06:12 courier-pop3s
 12K -rwxr-xr-x.  1 root root  12K Feb 21  2013 cpuspeed
4.0K -rwxr-xr-x.  1 root root 2.8K Jul 18  2011 crond
8.0K -rwxr-xr-x   1 root root 4.5K Nov  9  2012 drwebd
 20K -rw-r--r--.  1 root root  18K Jan  9  2013 functions
4.0K -rwxr-xr-x.  1 root root 1.8K Jul 19  2011 haldaemon
8.0K -rwxr-xr-x.  1 root root 5.7K Jan  9  2013 halt
4.0K -rwxr-xr-x   1 root root 2.0K Aug 13 10:30 htcacheclean
4.0K -rwxr-xr-x   1 root root 3.3K Aug 13 10:30 httpd
 12K -rwxr-xr-x.  1 root root 9.3K Feb 21  2013 ip6tables
 12K -rwxr-xr-x.  1 root root 9.2K Feb 21  2013 iptables
4.0K -rwxr-xr-x.  1 root root 1.9K Oct 12  2012 irqbalance
4.0K -rwxr-xr-x   1 root root  261 Sep 20 17:00 jira
 16K -rwxr-xr-x.  1 root root  16K Feb 21  2013 kdump
4.0K -rwxr-xr-x.  1 root root  652 Jan  9  2013 killall
4.0K -r-xr-xr-x.  1 root root 2.1K Feb 21  2013 lvm2-lvmetad
4.0K -r-xr-xr-x.  1 root root 2.7K Feb 21  2013 lvm2-monitor
8.0K -rwxr-xr-x   1 root root 4.2K Nov 20  2012 mailman
4.0K -rwxr-xr-x.  1 root root 2.6K Dec  6  2012 mdmonitor
4.0K -rwxr-xr-x.  1 root root 2.2K Sep 13  2012 messagebus
8.0K -rwxr-xr-x   1 root root 5.4K Apr 25  2013 mysqld
8.0K -rwxr-xr-x   1 root root 7.2K Aug 27 08:55 named
4.0K -rwxr-xr-x.  1 root root 3.0K Jan  9  2013 netconsole
8.0K -rwxr-xr-x.  1 root root 5.4K Jan  9  2013 netfs
8.0K -rwxr-xr-x.  1 root root 6.2K Jan  9  2013 network
4.0K -rwxr-xr-x   1 root root 3.9K Jun  6 21:49 nginx
4.0K -rwxr-xr-x.  1 root root 1.9K Jan 10  2013 ntpd
4.0K -rwxr-xr-x.  1 root root 1.9K Jan 10  2013 ntpdate
4.0K -rwxr-xr-x   1 root root 2.0K Aug 18 23:18 pc-remote
4.0K -rwxr-xr-x   1 root root 2.0K Apr  3  2012 portreserve
4.0K -rwxr-xr-x   1 root root 3.6K Apr  1  2013 postfix
 16K -rwxr-xr-x   1 root root  14K Nov 14 03:49 psa
4.0K -rwxr-xr-x.  1 root root 1.6K Jul 17  2012 psacct
4.0K -rwxr-xr-x.  1 root root 2.0K Oct  2  2012 quota_nld
4.0K -rwxr-xr-x.  1 root root 1.6K May 19  2009 rdisc
4.0K -rwxr-xr-x.  1 root root 1.8K Feb 21  2013 restorecond
4.0K -rwxr-xr-x.  1 root root 1.8K Dec 17  2011 rngd
4.0K -rwxr-xr-x.  1 root root 2.0K Jan  9  2013 rsyslog
4.0K -rwxr-xr-x.  1 root root 1.7K Feb 21  2013 sandbox
4.0K -rwxr-xr-x.  1 root root 2.1K Nov 20  2012 saslauthd
4.0K -rwxr-xr-x.  1 root root  647 Jan  9  2013 single
4.0K -rwxr-xr-x.  1 root root 3.0K Feb 21  2013 smartd
8.0K -rwxr-xr-x.  1 root root 4.5K Feb 21  2013 sshd
4.0K -rwxr-xr-x   1 root root 2.7K Jun  6 02:32 sw-cp-server
4.0K -rwxr-xr-x   1 root root 1.4K Jul 31 19:57 sw-engine
4.0K -rwxr-xr-x.  1 root root 1.2K Jun 22  2012 sysstat
4.0K -rwxr-xr-x.  1 root root 2.3K Feb 21  2013 udev-post
4.0K -rwxr-xr-x   1 root root 3.5K Feb 21  2013 xinetd
 12K -rwxr--r--.  1 root root  12K Sep 17 13:26 zzz_panel_install
#

Open in new window


There is no reference to inetd, however there is an xinetd listed.  This does not surprise me though since I could find no trace of proftpd running, so of course its configuration file could reference anything it wants.

It appears to me like you want to get proftpd running, however.  Are you saying that there could be an absence of an ftp service that could be the cause of the connection problems?  How is that possible with Plesk installed?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Peak it's just a front end tool to make it easier to use these scripts much like webmail or cpanel. It's not like it installs anything else, like ftp.
Webmin is a little different as it will download and install packages where as cpanel/plead allure you to configure existing packages.
Have you tried to start the server manually?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
@tagit:

Wow, I am so sorry.  I didn't even know you had responded, and I got busy doing some other things.  If you are still with me, here is my response to your last comments:

Peak it's just a front end tool to make it easier to use these scripts much like webmail or cpanel. It's not like it installs anything else, like ftp.
Webmin is a little different as it will download and install packages where as cpanel/plead allure you to configure existing packages.


Um, you have me lost here.  Exactly why did you mention this, and where in our discussion did these items come up?

Have you tried to start the server manually?

If you mean by the word "manually" the physical switching on of a power switch, then no.  I do not have access to that.

If you mean by using a direct restart command to stop and restart apache, then yes I have tried this.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Hey no problem, I got busy myself :)

In your last comment:
Are you saying that there could be an absence of an ftp service that could be the cause of the connection problems?  How is that possible with Plesk installed?

That is what made me explain a little about what plesk is.

By manually I mean at the command prompt: /usr/local/sbin/proftpd
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Thanks for being so understanding tagit, you are a great expert!  And nice job, BTW, on that CreateJS question.  I was only guessing, but it's obvious you know what you are doing.

Also thanks for explaining a bit about plesk, however it appeared to me when you talked about Peak, Webmin and CPanel that you were talking about plesk alternatives.  If this is not the case, are these components of the plesk system?

Ok, so in asking me about starting the server manually, and using proftpd in your last comment, am I to assume that you want me to start an instance of proftpd on the server?  As I mentioned before, it does not appear that proftpd is currently running, and I cannot identify any other ftp services present (course, I couldn't identify an ftp service if one were to jump out and hit me in the head.)
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Thanks for the kind words :). As for the createjs, it's just a javascript class with a well documented api, once you know that it's not difficult.

Cpanel is a direct equivalent and is the most other common interface to webservers.  As for webmin, I've suggested it because it is very helpful getting services to install and run.  Given how much control you have over this server I would suggest installing it at least until you get things working.  Cpanel and plesk as I understand it just allow you to configure existing services where admin control isn't necessarily required.

So yes, try and start the server manually by creating an instance at the command line.  Keep your ssh session open once it starts successfully and you start testing an FTP connection as the instance will be bound to your ssh session.  We'll fix that later when it works.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
As for the createjs, it's just a javascript class with a well documented api, once you know that it's not difficult.

See, it is attitudes like this that make people great.

You know, as far as installing other gui's, if it's all the same to you, I'd really like to stay away from that if at all possible.  I've had some major nightmares having installed CPanel under other circumstances doing some things that I was not aware of and messing with systems I thought should work a certain way and they didn't.  At this point I am trying to simply systems to the extent possible to avoid further headaches in the future.

Now, as far as the last paragraph in you comment is concerned:

So yes, try and start the server manually by creating an instance at the command line.

Ok, once again, I am assuming you mean proftpd?  You want me to do as you suggested in your comment ID: 39650289 with regards to changing the server type to standalone?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Understand about your hesitation with installing webmin, just mentioned it as a last resort.

yes please start proftpd as indicated in http:#39650289
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
WOW tagit, YOU ARE A GENIUS!!!!!!

Using the basic proftpd configuration from the http://www.proftpd.org/docs/example-conf.html page you gave me, and making a few minor modifications (had to specify server user and group and there was an unknown directive DisplayFirstChdir which I changed to DisplayChdir), and using the sample init.d file example from http://www.proftpd.org/docs/howto/Stopping.html, I was able to connect using basic FTP to the server.

I would have already awarded points and a pat on the back to you, but I still cannot connect using SFTP.  Is there a way to modify the proftpd.conf file to allow such connections?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Alright!  Finally getting somewhere :)
I haven't implemented sftp using proftpd but it looks like it's a third party add on
http://www.proftpd.org/docs/contrib/mod_sftp.html#Installation
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
http://www.proftpd.org/docs/howto/TLS.html
A how to guide on setting up sftp from their site
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Yeah, I know, it's been a long haul!  And you've stuck with me all the way. :)

Doesn't http://www.proftpd.org/docs/howto/TLS.html deal with FTPS, not SFTP?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Yeah it does but I've suggested it because it is native to proftpd. Was there a reason you wanted to use one Over the other?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Sftp is via a third party as mentioned in a few posts backso not sure how you feel about that?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
For sftp to work,  my understanding is that all the configuration will happen via sshd and is nothing to do with proftpd at all but I could be wrong.  The third party add on I was referring to bridges that gap
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Yeah, I'm not into the multiple TCP connections required for the FTPS protocol.  There's a good writeup on that here: http://www.proftpd.org/docs/contrib/mod_sftp.html.

Third party is not necessarily bad.  I know I am taking a risk, but I think everyone deserves a chance to prove themselves, and if there were any serious problems with that mod, I would think that somebody would have posted on the website to that effect somewhere by now.

In checking over the server though, it looks like the proftpd source code is not present, which makes my following the instructions for installing the SFTP mod extremely difficult.

Ok, so tell me, you didn't see any ftp services on the server either, didn't you?  That's why you were suggesting implementing the proftpd service, isn't that right?  Is there a reason you chose proftpd to use as the ftp service?

Sorry for all the questions, but I really want to learn from this experience.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Yeah I can understand that about the multiple connections.

It is possible that your version may have been compiled with mod_sftp module but you would need to check by running: proftpd -l.  If it's not there then we'll reassess

As for why proftpd?  Well it was already on your system and was showing up in plesk.  you can obviously use another flavour of ftp server but seeing as you've come this far I would persist.  I didn't want to muddy the waters suggesting something else when that should work fine for what you want.

I actually think it's great you asking all these questions, especially for anyone who will come across this thread in the future.  I'm also finding it beneficial as I'm needing to research this area quite a bit given the nature of the implementation.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Yeah proftpd -l revealed that mod_sftp is not included in the compiled version.  Not sure where I will go from here.

Well, I can only hope that I will be able to identify ftp services in the future.  Yeah, I was thinking that this is an excellent thread and should serve as an outstanding resource to someone who runs into a similar situation in the future.

I'm also finding it beneficial as I'm needing to research this area quite a bit given the nature of the implementation

Why tagit, my balloon just popped!  Here I was thinking, "Man, is this guy one heck of a server expert or what?  Look at all the knowledge he has in his head!"

Well, I guess even the greatest experts have to do their research, right? ;)
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Yeah I shouldn't tell you my secrets!  It's impossible to store all this stuff in your head and anyone who says they do is lying ;). There's a difference though between a "google monkey" and an expert in that the expert understands the stuff being researched and translate it if necessary AND has experience in the area :)
I'd have open book exams at university for exactly that reason (engineering).  You had to know the fundamentals or you'd be found out :) (also took took too long to find them)
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
What have you got in your /etc/ssh/sshd_config? Anything relating to sftp eg
Subsystem       sftp    /usr/libexec/sftp-server
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
LOL!  Your secrets are safe with me. :)

Yeah I remember my days at the university... That's a good defense of the "open book" approach.  You are right, it isn't necessary (especially nowadays) to know everything, just to be able to correctly (and quickly) find, interpret, and implement the right knowledge based on experience.  Still shows you're a great expert!

Here's sshd_config:
#	$OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile	.ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes

# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	ForceCommand cvs server

Open in new window


As you can see we almost have an exact match to your example Subsystem line on line 132.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Which would lead me to believe that there is an Sftp server listening on port 22 but you've tried an sftp connection on port 22 right?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Yes, see my comment at ID: 39627799.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
I wish I'd seen that sooner as filezilla doesn't handle sftp too well - something to do with a new version of ssh protocol.  when i find the reference i'll let you know.

have you tried WinSCP?  http://winscp.net/eng/docs/free_sftp_client_for_windows  
My preferrred for data transfer over ssh
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Yep.  See my comment ID: 39631510.

You are forgetting how awesome this thread is.  We are addressing nearly every aspect of the problem.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Ok - i'll check in later... gotta head off for a bit but I aint leaving till we've solved this!
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
No problem, it's late for me so we can pick up tomorrow.  Thanks again tagit for all you are doing!
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
I don't suppose you could post a link to this site? even just to test winscp from my end?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
sorry to say it seems I've led you on a bit of a wild goose chase... we're now back to that point of wondering why ssh works but sftp doesn't.
When you did connect the first time with winscp, were you prompted with accepting the key?

some screenshots of connecting to my webserver using sftp via winscp

key
log
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Sure, we'll pick it up tomorrow
0
 
LVL 16

Expert Comment

by:AlexPace
Comment Utility
Check the directory permissions for the user's home folder.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Hi tagit,

When you did connect the first time with winscp, were you prompted with accepting the key?

Yes.

Check the directory permissions for the user's home folder

Permissions on most files and folders are set at 644 with the exception of the executables which are set at 755.  The owner matches the name of the ftp user.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Are you using the same user as you use for ssh?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Can you also confirm that this exists: /usr/libexec/openssh/sftp-server
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Are you using the same user as you use for ssh?

No, the ftp user is limited to access to the website.  I access the server through SSH using the root user.

Can you also confirm that this exists: /usr/libexec/openssh/sftp-server

Absolutely.  A 64 KB file by that very name exists on the server.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Ok I want you to try logging in as the root user using winscp. Does that work?
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Wow, yes it does.  But that's not good.  That's not the desired effect of my sftp connections.  I definitely don't want people to be able to sftp the entire server.

Why can the ftp user connect just fine through standard ftp, but not through sftp?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Sure I understand that but what we've now proved is that there's nothing wrong with the server :)
ftp, ssh and sftp all work as they should.  It's now a matter of setting up users as you need for sftp. sftp uses ssh users not ftp usrs to connect which is why i suspect it hasn't been working.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
The other way is to use proftpd and the third party add on to implement sftp but I haven't done that.
My understanding is This way you add users using proftpd.  guessing this is more what you want rather than trying to add users to Linux. How many users are we talking about?
I'll Look into it and let you know.
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Actually, we just need one.  Because access is limited, anyone who needs access can use the same user.
0
 
LVL 42

Accepted Solution

by:
Rob Jurd, EE MVE earned 500 total points
Comment Utility
http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/
Will Walk you throughwhat you need to do but essentially it is adding a new system user with tier own group.  This is incorporated into the ssh config so that this user can only sftp and does not have shell access.
Happy towalk through it with you
1
 
LVL 17

Author Closing Comment

by:OmniUnlimited
Comment Utility
Not necessary tagit.  That article is written so that even a dummy like myself can understand it.

Outstanding job.  I really, really appreciate all your kind help and assistance.  If your ever out in the San Diego area let me know and I'll take you to lunch.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
My pleasure OmniUnlimited :)  I get a lot out of these kind of questions so thank you too.

I may just be out your way early to mid next year (which isn't all that far away is it?) so I'll look you up if i do.

I would attach a copy of the article but it's against their copyright.  What would be useful, if you wouldn't mind, is to update this thread with what you've done from this point to get it to work for you.  As we've mentioned this would be a great thread to keep available for other experts coming across the same or similar issue.

Cheers,

Rob (tagit)
0
 
LVL 17

Author Comment

by:OmniUnlimited
Comment Utility
Really?  I thought you were out there in Australia or something.  It would be great to be able to meet you.

I will update the thread per your request once I have everything set up and working.  Thanks again, and I'll see you around EE.

Best Regards,

Jason
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
Comment Utility
Yeah I do live in Australia but my father in law is from LA and going back for a reunion next year.

Thanks Jason,

Rob
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Adobe Dreamweaver CS5 is a WYSIWYG web page editor that has advanced HTML, CSS, and Javascript rendering functionality and is probably the most well-known HTML editor available. Much of Dreamweaver's appeal centers around the Design View interfac…
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now