Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Sat Mar 19, 2005 3:16 pm Post subject: vsftpd help |
|
|
Hi!
I think I managed to install vsFTPd and configure it the way I want. But it's not working.
When I start vsFTPd it's not complaining about any errors in the config, it just starts.
But I can't connect from any other computer, not even from one in my local network.
No route to host the error is.. What's the problem? _________________ ---
Mighty |
ikaro Veteran


Joined: 14 Jul 2003 Posts: 2525 Location: Denmark
|
Posted: Sat Mar 19, 2005 8:54 pm Post subject: |
|
|
"no route to host" means exactly that.. there is no route to the host.
Either the IP of the server is down or the address is impossible.
Try to post a bit of your configuration, and how the machines are networked. _________________ linux: #232767 |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Sun Mar 20, 2005 12:56 pm Post subject: |
|
|
I got it to work..
However, how do you specify users and their respective home directory? _________________ ---
Mighty |
Corax Apprentice


Joined: 14 Apr 2004 Posts: 222 Location: Berlin, Germany
|
Posted: Sun Mar 20, 2005 1:02 pm Post subject: |
|
|
If you allow only a few users to connect to your server, you could create them directly on your system, collect them in a login group, say ftp_users, and lock all other directories (/bin and /etc have to be executable for them!) for that group using Access Control Lists. If you intend to administer a lot of users on your server, you won't be able to avoid dealing with mysql and cyrus-sasl and so on. There are a lot of posts that cope with this topic. _________________ There's no such priest //
that can pray me to heaven.
-- Nightwish, "Bare grace misery" |
Corax Apprentice


Joined: 14 Apr 2004 Posts: 222 Location: Berlin, Germany
|
Posted: Sun Mar 20, 2005 1:10 pm Post subject: |
|
|
PS: remember to set in your vsftpd.conf _________________ There's no such priest //
that can pray me to heaven.
-- Nightwish, "Bare grace misery" |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Sun Mar 20, 2005 1:25 pm Post subject: |
|
|
I don't know how to do that
This is my first time on linux, I just need to set up an ftp server with 3 users, 1 guest, 1 semi-admin who can upload files and create dir's and 1 user who can do "everything".  _________________ ---
Mighty |
Rad Guru

Joined: 11 Feb 2004 Posts: 360 Location: Berne, Switzerland
|
Posted: Sun Mar 20, 2005 2:24 pm Post subject: |
|
|
| Maybe vsftpd is a bit hard then, unless you find a detailed howto. I suggest you try pure-ftpd (and pureadmin, if you want a GUI), they're ... a bit less intertwined with linux standard stuff like PAM and so on. |
Corax Apprentice


Joined: 14 Apr 2004 Posts: 222 Location: Berlin, Germany
|
Posted: Sun Mar 20, 2005 2:29 pm Post subject: |
|
|
To ensure a good start: read the manpage for vsftpd.conf. All settings are explained there. Then, create the users you wish to be able to connect to that server. Assign them to an arbitrary group (either when creating them with useradd or later by usermod). This CHROOT_LOCAL option ensures that ordinary users aren't allowed to leave their home directories via ftp. Locking all other directories is not mandatory, but is for security reasons, just in case... (In my case it was necessary, because I had symlinks that pointed to directories outside their directory tree. So I had to take care that they could enter these certain directories, but not the other, essential ones.) vsftpd also offers options and lists that control which users can do certain things and not. This server is really versatile. If that is too much, look for other servers that can be configured more easily - proFTP comes to my mind. _________________ There's no such priest //
that can pray me to heaven.
-- Nightwish, "Bare grace misery" |
ikaro Veteran


Joined: 14 Jul 2003 Posts: 2525 Location: Denmark
|
Posted: Sun Mar 20, 2005 3:57 pm Post subject: |
|
|
pure-ftpd is niiiice:)
and there is a nice GTk2 gui : pureadmin.
ps: get the source from the website, because the package in portage is a bit old. _________________ linux: #232767 |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Sun Mar 20, 2005 4:58 pm Post subject: |
|
|
I use and love VSFTPD. I don't do passworded FTP (SFTP/SCP rocks), though. About having a privileged user...what you could do is create those five user accounts like this:
/home/administrator = home for administrative user account (permissions: 700) -- this assumes administrative user account is in a different group.
/home/administrator/semiadmin = home for semi-administrator user account (permissions: 707)
/home/administrator/semiadmin/reguser1 = home for underprivileged user account (permissions: 557 -- read-only for user, semi-admin can read, admin can read/write)
/home/administrator/semiadmin/reguser2 = home for second underprivileged user account (permissions: 557)
/home/administrator/semiadmin/reguser3 = home for third underprivileged user account (permissions: 577 -- this lets semi-admin read/write; you might need that.)
Now lock users into their home directories (CHROOT_LOCAL = YES) and you're golden!
A great tool for adding user accounts is superadduser (emerge superadduser). If you aren't up to speed on the permissions stuff read up on the chmod manpage. You can change ownership, if necessary, with the chown command. Be smart with /etc/vsftpd/ftpusers too, usage of this file depends on what you've got set in the vsftpd.conf.
Hehe I like my way best. Ten minutes to setup tops. Thar's some quality engineering thur
Edit: The correct syntax is CHROOT_LOCAL_USER = YES, not CHROOT_LOCAL = YES. Original text left unchanged.
Last edited by destuxor on Tue Mar 22, 2005 8:22 pm; edited 1 time in total |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Sun Mar 20, 2005 5:48 pm Post subject: |
|
|
Maybe it'd be easier to get help if you guys knew exactly what I want.
I need a server to upload movies and stuff on (legal home made ). Me and my friends are doing crazy stuff. And we have a site which we want our visitors to be able to download our work from. The webserver and ftp-server are completely separated. What we need is a server with 1 user who can access all files and download them via the website. And 1 user who can upload files. (Yeah, I know, I changed my mind).
Can someone please describe to me with all commands and things I need to do to get this working? As I said I'm completely new to linux and do not have very much experience. And I can't find any more documentation on vsftpd than the one about the config file and I can't figure out how to do it from just that.
All help is greatly appreciated! Our site has been down for 3 months now and we are eager to get it up!
It doesn't have to be more complicated than that!
And I can add that I don't have any windowmanager so I guess it will be pretty hard to get that pureftp with a GUI. _________________ ---
Mighty |
ikaro Veteran


Joined: 14 Jul 2003 Posts: 2525 Location: Denmark
|
Posted: Sun Mar 20, 2005 6:14 pm Post subject: |
|
|
pure-ftpd can also be managed with a terminal.
| Code: |
~ pure-
pure-authd pure-ftpwho pure-pw pure-quotacheck pure-statsdecode
pure-ftpd pure-mrtginfo pure-pwconvert pure-sfv pure-uploadscript
|
 _________________ linux: #232767 |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Sun Mar 20, 2005 7:56 pm Post subject: |
|
|
See if this works for /etc/vsftpd/vsftpd.conf:
| Code: |
# /etc/vsftpd/vsftpd.conf - destuxor - 3/20/2005
# Local system accounts may log in and write; anonymous logins are refused
local_enable=YES
write_enable=YES
anonymous_enable=NO
# Log transfers
xferlog_enable=YES
xferlog_file=/var/log/vsftpd/vsftpd.log
idle_session_timeout=600
data_connection_timeout=120
ascii_upload_enable=NO
ascii_download_enable=NO
nopriv_user=ftp
ftpd_banner=Mighty Movies :)
# Confine every local user to their home directory
chroot_list_enable=NO
chroot_local_user=YES
# Run as a standalone daemon in the background
background=YES
listen=YES
ls_recurse_enable=NO
|
And enter these commands:
| Code: |
mkdir /home/movies
# Both accounts share /home/movies as home, with ftp as their primary group
useradd -d /home/movies -s /bin/false -g ftp downloader
useradd -d /home/movies -s /bin/false -g ftp uploader
# uploader owns the tree (rwx), group ftp gets r-x, everyone else gets nothing
chown -R uploader:ftp /home/movies
chmod -R 750 /home/movies
passwd downloader
passwd uploader
rc-update add vsftpd default
|
That work? You'll have to give people the login for the downloader account, but I think this is what you want. What I've written is thinking along the same lines as what I wrote earlier. This'll create two user accounts who share a home directory. I don't know if this works or not -- if it doesn't I'd make one home directory a subdirectory of the other. Anyrate, one has rwx access to "his" home directory, the other has only r-x. Should work. Just make sure you do this after a file's been uploaded: chmod -R 750 /home/movies/ (I'm not sure what the permissions VSFTPD sets are).
Last edited by destuxor on Wed Mar 23, 2005 3:19 am; edited 1 time in total |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Tue Mar 22, 2005 1:03 pm Post subject: |
|
|
What did I do wrong if I can't login with the downloader/uploader account? ^^
THANK YOU!! very much btw.
don't know if I did something wrong or if you missed something.
However it feels like some progress is made  _________________ ---
Mighty |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Tue Mar 22, 2005 2:28 pm Post subject: |
|
|
Well, first thing is to make sure that the VSFTPD daemon is started:
| Code: |
/etc/init.d/vsftpd status
|
It should say:
| Code: |
gentoobox john # /etc/init.d/vsftpd status
* status: started
|
If that's good, then let's look into those user accounts. It may be the case that you cannot use /bin/false for a user's shell. If that is the case, the most obvious thing is to change it. There's tons of shells...I know you've got Bash installed so let's do that:
| Code: |
usermod -s /bin/bash downloader
usermod -s /bin/bash uploader
|
The only problem with this is that these users can now login on your local system. But if you're not using SSH then that isn't a problem. I think you can also deny a user SSH access, but I don't know how.
That work? |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Tue Mar 22, 2005 3:36 pm Post subject: |
|
|
THANK YOU!!
You are seriously my god!!
It works! _________________ ---
Mighty |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Tue Mar 22, 2005 5:17 pm Post subject: |
|
|
Yayyyayy! Glad I could help! Now to reuse what I wrote in a howto on my website...  |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Tue Mar 22, 2005 6:00 pm Post subject: |
|
|
Just one more question ;P
The server works just fine locally, but not from outside my network.
Port 20-21 are redirected to the server but I still get "Connection refused" messages..
Is vsftpd using other ports or, yeah.. how do I fix it? ^^ _________________ ---
Mighty |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Tue Mar 22, 2005 8:09 pm Post subject: |
|
|
In the config file I see these that you could play with. Do you have a firewall for your network blocking port 21?
| Code: |
# Make sure PORT transfer connections originate from port 20 (ftp-data).
#connect_from_port_20=YES
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
|
What do you think: http://gentoobox.rh.ncsu.edu/vsftpd-help.html ?
Edit: sorry I never updated the link: http://wjholden.com/vsftpd-help.html
Last edited by destuxor on Sun Apr 08, 2007 2:33 pm; edited 1 time in total |
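Added example, not part of any post in this thread: the `local_umask` comment quoted above answers the earlier open question about which permissions an uploaded file ends up with. The sketch creates a file the way a server using vsftpd's default `file_open_mode` of 0666 would, under several umask values, and reports whether a second account in the owner's group (the downloader role) could read it. The function names and the sample file name are illustrative.

```python
import os
import stat
import tempfile

FILE_OPEN_MODE = 0o666  # vsftpd's documented default for file_open_mode


def mode_after_upload(local_umask):
    """Create a file as an upload would be created and return its mode bits."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "clip.avi")  # constructed sample file name
        previous = os.umask(local_umask)
        try:
            fd = os.open(path, os.O_CREAT | os.O_WRONLY, FILE_OPEN_MODE)
            os.close(fd)
        finally:
            os.umask(previous)  # restore the caller's umask
        return stat.S_IMODE(os.stat(path).st_mode)


def group_can_read(mode):
    """True if a non-owner member of the file's group may read it."""
    return bool(mode & stat.S_IRGRP)


def others_can_read(mode):
    """True if accounts outside the owner's group may read it."""
    return bool(mode & stat.S_IROTH)


def report(local_umask):
    """Summarise the outcome of one upload under the given umask."""
    mode = mode_after_upload(local_umask)
    return {
        "local_umask": f"{local_umask:03o}",
        "file_mode": f"{mode:03o}",
        "group_read": group_can_read(mode),
        "other_read": others_can_read(mode),
    }


if __name__ == "__main__":
    # 077 is the default named in the config comment; 027 and 022 are alternatives
    for umask in (0o077, 0o027, 0o022):
        print(report(umask))
```

With both accounts in group ftp as created earlier in the thread, a `local_umask` of 027 gives uploads mode 640, which the second account can read without a manual chmod, while accounts outside the group still cannot.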
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Wed Mar 23, 2005 2:55 am Post subject: |
|
|
As I said port 20-21 are redirected to my server.
And I added the connect_from_port_20=YES to my config.
It doesn't make any difference.  _________________ ---
Mighty |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Wed Mar 23, 2005 3:17 am Post subject: |
|
|
I think I made a mistake with this.
| destuxor wrote: |
echo uploader >> /etc/vsftpd/ftpusers
echo downloader >> /etc/vsftpd/ftpusers
|
Open /etc/vsftpd/ftpusers and remove downloader and uploader from this. I apologize I got mixed up somehow. /etc/vsftpd/ftpusers is a file that specifies users that cannot get FTP access.
For security, you may want to add your "real" user account to this list, that way someone couldn't possibly hijack the machine that way. Having a wheel (or *shudder* sudo) user with FTP access isn't a great idea in terms of security. |
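Added example, not part of any post in this thread: a small audit of the two account risks raised here, privileged accounts missing from the deny list and FTP accounts that were given an interactive shell. It assumes /etc/vsftpd/ftpusers is used as a deny list as described above, that `wheel` is the admin group and `ftp` the FTP group; the account data is constructed sample input.

```python
NOLOGIN_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}

# Constructed sample data in passwd(5), group(5) and ftpusers layout.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:100:Alice:/home/alice:/bin/bash
downloader:x:1001:21::/home/movies:/bin/bash
uploader:x:1002:21::/home/movies:/bin/false
"""
GROUP = """\
wheel:x:10:root,alice
users:x:100:
ftp:x:21:
"""
FTPUSERS = "root\n"


def parse_colon_file(text):
    """Split passwd/group style text into field lists, skipping blanks and comments."""
    return [line.split(":") for line in text.splitlines()
            if line.strip() and not line.startswith("#")]


def deny_list(text):
    """Account names in the deny file, one per line."""
    return {line.strip() for line in text.splitlines()
            if line.strip() and not line.startswith("#")}


def members(group_name, passwd, group):
    """Listed members of a group plus accounts whose primary GID is that group."""
    for name, _pw, gid, userlist in parse_colon_file(group):
        if name == group_name:
            listed = {u for u in userlist.split(",") if u}
            primary = {f[0] for f in parse_colon_file(passwd) if f[3] == gid}
            return listed | primary
    return set()


def audit(passwd, group, ftpusers, admin_group="wheel", ftp_group="ftp"):
    """Return privileged accounts not denied FTP and FTP accounts with a login shell."""
    denied = deny_list(ftpusers)
    shells = {f[0]: f[6] for f in parse_colon_file(passwd)}
    uid0 = {f[0] for f in parse_colon_file(passwd) if f[2] == "0"}
    admins = members(admin_group, passwd, group) | uid0
    ftp_accounts = members(ftp_group, passwd, group) - denied
    return {
        "privileged_not_denied": sorted(admins - denied),
        "ftp_with_login_shell": sorted(u for u in ftp_accounts
                                       if shells.get(u) not in NOLOGIN_SHELLS),
    }


if __name__ == "__main__":
    print(audit(PASSWD, GROUP, FTPUSERS))
```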
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Wed Mar 23, 2005 1:02 pm Post subject: |
|
|
Haha, it was my friend's computer that was screwed up
I managed to connect today, but it seems like the user uploader has no permissions at all, can't list directories, download, upload.. anything.. :S
How do I change the permissions?
Btw, I haven't checked what downloader can do.. _________________ ---
Mighty |
destuxor l33t


Joined: 29 Feb 2004 Posts: 792
|
Posted: Wed Mar 23, 2005 2:34 pm Post subject: |
|
|
Does adding this to the config fix it?
| Code: |
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
|
You'll have to restart the daemon after this with the command /etc/init.d/vsftpd restart
I think you still need to remove downloader and uploader from /etc/vsftpd/ftpusers |
Mighty3k n00b

Joined: 26 Feb 2005 Posts: 49 Location: Sweden
|
Posted: Wed Mar 23, 2005 4:58 pm Post subject: |
|
|
actually, when I looked in ftpusers, they were not there^^
I must have missed the part where I was supposed to get it there ;D
but even after adding that to the file it didn't work.. dirmessage stuff.. _________________ ---
Mighty |