[olug] vsftpd Suse 9.0

Thom Harrison id4spam at cox.net
Sat Apr 3 15:10:16 UTC 2004


Eric,

I'm running vsftpd on SuSE 9.0 too. I've tried to set it up as if it 
were a ReadOnly Anonymous vsftp server but with the additional password. 
You can connect to it:

linux:/ # ftp thom.homelinux.com
Connected to ip68-225-168-172.om.om.cox.net.
220 "Welcome to Smopuim FTP service."
Name (thom.homelinux.com:root): ftp
331 Please specify the password.
Password: ftp$thom
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd etc
250 Directory successfully changed.
ftp> dir
229 Entering Extended Passive Mode (|||42427|)
150 Here comes the directory listing.
-r--r--r-- 1 ftp ftp 6076 Apr 03 14:46 vsftpd.conf
-r--r--r-- 1 ftp ftp 4 Apr 03 14:46 vsftpd.userlist
226 Directory send OK.
ftp>

You can download my vsftpd.conf and vsftpd.userlist files (both belong 
in /etc/).
/etc/vsftpd.userlist allows only specific IDs to connect.

When I set it up I also had some directory permissions issues so I'm 
showing them below.

linux:/ # cd /srv
linux:/srv # ll
total 16
drwxr-xr-x 4 root root 4096 Mar 14 17:42 .
drwxr-xr-x 23 root root 4096 Apr 2 23:58 ..
drwxr-xr-x 5 root root 4096 Mar 21 18:49 ftp
drwxr-xr-x 6 root root 4096 Jan 3 06:26 www

linux:/srv # cd ftp
linux:/srv/ftp # ll
total 20
drwxr-xr-x 5 root root 4096 Mar 21 18:49 .
drwxr-xr-x 4 root root 4096 Mar 14 17:42 ..
drwxr-xr-x 11 ftp ftp 4096 Mar 13 07:18 custom
drwxr-xr-x 2 ftp ftp 4096 Mar 18 05:54 etc
dr-xr-xr-x 2 ftp ftp 4096 Mar 13 06:55 knock

linux:/srv/ftp # cd etc
linux:/srv/ftp/etc # ll
total 20
drwxr-xr-x 2 ftp ftp 4096 Mar 18 05:54 .
drwxr-xr-x 5 root root 4096 Mar 21 18:49 ..
-r--r--r-- 1 ftp ftp 6076 Apr 3 08:46 vsftpd.conf
-r--r--r-- 1 ftp ftp 4 Apr 3 08:46 vsftpd.userlist
linux:/srv/ftp/etc #

netstat -a | head shows: ( ftp is port 21 )

tcp 0 0 *:ftp *:* LISTEN

iptables -L shows:

ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT udp -- anywhere anywhere udp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT udp -- anywhere anywhere udp dpt:fsp


I've also got a manual vsftpd iptables -L rule that I can run in 
/custom/cmds/afa
You can download that too.

afa=Allow Ftp Access
awa=Allow Web Access
asa=Allow Ssh Access
ava=Allow Vnc Access

Since I'm simply playing around with these things I generally don't keep 
them accessible, so I run the appropriate script when needed.


Eric Penne wrote:

> I can't seem to get vsftpd to accept a connection on a newly installed 
> Suse 9 machine. http and ssh work but not ftp.
>
> netstat -pant:
> tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 760/portmap
> tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 1873/X
> tcp 0 0 XXX.XXX.XXX.36:21 0.0.0.0:* LISTEN 2786/vsftpd
> tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN 931/cupsd
> tcp 0 0 :::80 :::* LISTEN 1962/httpd2-prefork
> tcp 0 0 :::22 :::* LISTEN 827/sshd
>
>
>
> I told it to listen to my IP address. If I remove the manual ip 
> address line from the vsftpd file it listens on 0.0.0.0:21. I can ftp 
> to the machine from itself but I can't connect from any outside 
> machines with either address. I'd be happy to give you the main 
> address but I'm still in the process of shutting down services and 
> reading the config files closely.
>
> All the lines in hosts.allow are commented out.
>
> hosts.deny:
> http-rman : ALL EXCEPT LOCAL
>
>
> Do I need to specifically add something to hosts.allow to allow 
> outside machines?
>
> I notice that the 2 external services that are working look like they 
> have ::: instead of x.x.x.x for IPs. Is that significant?
>
> I don't think I configured a firewall on this machine but I'm not 
> ruling it out. How do I check to see if I have any rules that may be 
> impeding?
>
> Thanks
> Eric Penne
>
>
>
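
An added example, not part of either message above: a small Python check that cross-references `netstat -pant` listeners with the ACCEPT lines of `iptables -L`, the two outputs shown in this thread, to spot a service that is listening but not let through. The sample lines and the 192.0.2.36 address are constructed, the service-name table is a hard-coded assumption, and the rules are assumed to sit in an INPUT chain whose default policy drops unmatched traffic.

```python
import re

# Assumed name-to-port table for the names iptables -L prints (normally /etc/services).
SERVICES = {"ftp-data": 20, "ftp": 21, "ssh": 22, "http": 80, "fsp": 21}

# Constructed sample input in the formats shown in the thread.
NETSTAT = """\
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 760/portmap
tcp 0 0 192.0.2.36:21 0.0.0.0:* LISTEN 2786/vsftpd
tcp 0 0 :::80 :::* LISTEN 1962/httpd2-prefork
tcp 0 0 :::22 :::* LISTEN 827/sshd
"""
IPTABLES = """\
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:fsp
"""

def listeners(netstat_text):
    """Yield (port, bind_address, program) for each TCP socket in LISTEN state."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 7 and f[0].startswith("tcp") and f[5] == "LISTEN":
            addr, _, port = f[3].rpartition(":")  # rpartition copes with ":::80"
            yield int(port), addr, f[6].split("/", 1)[-1]

def accepted_tcp_ports(iptables_text):
    """Return the TCP destination ports that have an ACCEPT rule."""
    ports = set()
    for line in iptables_text.splitlines():
        m = re.match(r"ACCEPT\s+tcp\s.*\bdpt:(\S+)", line)
        if m:
            name = m.group(1)
            port = int(name) if name.isdigit() else SERVICES.get(name)
            if port is not None:
                ports.add(port)
    return ports

def blocked_listeners(netstat_text, iptables_text):
    """List listeners with no matching tcp ACCEPT rule, sorted by port."""
    allowed = accepted_tcp_ports(iptables_text)
    return sorted(l for l in listeners(netstat_text) if l[0] not in allowed)

if __name__ == "__main__":
    for port, addr, prog in blocked_listeners(NETSTAT, IPTABLES):
        print(f"{prog} listens on {addr}:{port} but no ACCEPT rule covers tcp/{port}")
```

In the constructed rules the only port-21 entry is the udp `fsp` one, so vsftpd is reported even though a rule mentioning port 21 exists.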

