PDA

View Full Version : Using FTP


latcarf
30th August 2005, 01:35
I installed ProFTP using the Perfect Install FC4 HowTo now I need to know HowTo use it! :D

I have only used FTP via WS_FTP client before. After much research and testing I have determined that ptoftpd.conf seems to be correct and I can log into ftp as anonymous via the console but I am not sure what to do after that. I found a small tut and tried a command but these are the results: [Lance@server1 ~]$ ftp ftp.thefractalfarm.net
Connected to server1.thefractalfarm.net.
220 192.168.2.3 FTP server ready
500 AUTH not understood
500 AUTH not understood
KERBEROS_V4 rejected as an authentication type
Name (ftp.thefractalfarm.net:Lance): anonymous
331 Anonymous login ok, send your complete email address as your password.
Password:
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> put bookmarks.html /Lance/test
local: bookmarks.html remote: /Lance/test
227 Entering Passive Mode (192,168,2,3,128,107).
550 /Lance/test: Permission denied
ftp> put bookmarks.html /ftp
local: bookmarks.html remote: /ftp
227 Entering Passive Mode (192,168,2,3,128,108).
550 /ftp: Permission denied
ftp> put bookmarks.html /home/ftp
local: bookmarks.html remote: /home/ftp
227 Entering Passive Mode (192,168,2,3,128,109).
550 /home/ftp: Permission denied
ftp> quit
221 Goodbye.
[Lance@server1 ~]$

Am I do something wrong? Note that this is on the same box that has my ftp server also and I am not using ISPConfig.

Does anyone know how I would use WS_FTP from my MS machine to connect to my FTP? I have tried anonymous with my e-mail as password and I get "failure to connect to ftp.thefractalfarm.net". I can however use the browser on my MS box to go to my FTP site. Would drop and drag work there, didn't think to try it. :confused:

domino
30th August 2005, 09:34
try this post on the second page: http://www.howtoforge.com/forums/showthread.php?t=196&highlight=fedora

It helped me log in on my ftp client on Fedora 4. Also try passive on/off.

latcarf
31st August 2005, 02:34
okay... I created the pam.d/ftp file. Whether that helped or not don't know for sure but I was able to log in as anonymous and as user.

I guess I need to know what commands can be used and what they are used for. I'll check ProFTPDs home page for that.

Meantime... I switched over to my MS box and tryed to log in using WS_FTP as the same user I logged in via console and still couldn't get it to connect. Actually the window at the bottom of WS_FTP that shows status and progress indicates "Connecting to MYIP:21", then "connected to MYIP Port 21. But then it gives "! Receive error: connection reset" followed by "Connection failed ftp.mydomain.net"

Anybody have any idea what I might be doing wrong? I checked my router and Port 21 is open.

till
31st August 2005, 08:46
okay... I created the pam.d/ftp file. Whether that helped or not don't know for sure but I was able to log in as anonymous and as user.

I guess I need to know what commands can be used and what they are used for. I'll check ProFTPDs home page for that.

Meantime... I switched over to my MS box and tryed to log in using WS_FTP as the same user I logged in via console and still couldn't get it to connect. Actually the window at the bottom of WS_FTP that shows status and progress indicates "Connecting to MYIP:21", then "connected to MYIP Port 21. But then it gives "! Receive error: connection reset" followed by "Connection failed ftp.mydomain.net"

Anybody have any idea what I might be doing wrong? I checked my router and Port 21 is open.

Have you checked that your proftpd is listening on all IP's and not only on 127.0.0.1?

falko
31st August 2005, 23:26
okay... I created the pam.d/ftp file. Whether that helped or not don't know for sure but I was able to log in as anonymous and as user.

I guess I need to know what commands can be used and what they are used for. I'll check ProFTPDs home page for that.

Meantime... I switched over to my MS box and tryed to log in using WS_FTP as the same user I logged in via console and still couldn't get it to connect. Actually the window at the bottom of WS_FTP that shows status and progress indicates "Connecting to MYIP:21", then "connected to MYIP Port 21. But then it gives "! Receive error: connection reset" followed by "Connection failed ftp.mydomain.net"

Anybody have any idea what I might be doing wrong? I checked my router and Port 21 is open.

Have you tried to use "Passive Transfers" in your FTP client? In most cases this solves firewall problems.

latcarf
31st August 2005, 23:42
till... Where do I check to see what IPs it is listening on? I just checked proftpd.conf and do not see anything regarding IP and FTP does not seem to be listed in the System Settings> Server Settings.

falko... hope your having a good holiday! I checked WS_FTP and passive is not one of the options it seems, been running on auto detect.

Thanks :)
Lance

till
1st September 2005, 10:46
till... Where do I check to see what IPs it is listening on? I just checked proftpd.conf and do not see anything regarding IP and FTP does not seem to be listed in the System Settings> Server Settings.

Try this command and please post the output to the forum:

netstat -tap | grep ftp

latcarf
2nd September 2005, 02:31
Try this command and please post the output to the forum:

netstat -tap | grep ftp

[root@server1 ~]# netstat -tap | grep ftp
tcp 0 0 *:ftp *:* LIST EN 21008/proftpd: (acc
[root@server1 ~]#There wasn't anything after (acc...

I'm a newb but this doesn't look right! :confused:

I did some searching on the internet but couldn't find a whole lot regarding IP info for FTP except for stuff on <virtual host> and masqurading. From what I read it did not seem to apply to what I need. Hope you can help!

thanks
Lance

till
2nd September 2005, 08:28
[root@server1 ~]# netstat -tap | grep ftp
tcp 0 0 *:ftp *:* LIST EN 21008/proftpd: (acc
[root@server1 ~]#There wasn't anything after (acc...

I'm a newb but this doesn't look right! :confused:

I did some searching on the internet but couldn't find a whole lot regarding IP info for FTP except for stuff on <virtual host> and masqurading. From what I read it did not seem to apply to what I need. Hope you can help!

Hi Lance,

this output is OK. The chars are only missing because the line of your terminal was not long enough. The relevant part is "*:ftp" this means that the FTRP Daemon is listening on all IP's.

latcarf
2nd September 2005, 11:33
Hi Lance,

this output is OK. The chars are only missing because the line of your terminal was not long enough. The relevant part is "*:ftp" this means that the FTRP Daemon is listening on all IP's.
so that means that it has to be something in my proftpd.conf doesn't it? I have checked my router a couple times and port 21 is open for FTP.

till
2nd September 2005, 11:38
so that means that it has to be something in my proftpd.conf doesn't it? I have checked my router a couple times and port 21 is open for FTP.

Yes, you should chech the authentication settings in your proftpd.conf. Is Authentication set to PAM or unix?

latcarf
2nd September 2005, 17:59
Yes, you should chech the authentication settings in your proftpd.conf. Is Authentication set to PAM or unix?
well that may definitely be a problem as I don't see anything regarding authentication in my conf file. I posted it here I got it from a HowTo on the net and only changed what they recommended.

Should I run Standalone, inted or xinted? I have been looking and was possibly considering this HowTo as a set up http://gentoo-wiki.com/HOWTO_ProFTPD Seems pretty good and understandable for even me. There is stuff there I don't need i.e. mySQL but it seems clear how you work around that if you don't need it. Basically it will be me and one user group from a forum. I would like them to be able to upload and download to one specific location. I have not tried to work the forum group into this conf file as I wanted to get learn it first and know I can use it before I opened it up to others.

thanks
lance

# This is the ProFTPD configuration file
# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName "The Farm FTP"
ServerType standalone
ServerIdent off
DefaultServer on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30

# Set the user and group under which the server will run.
User nobody
Group nobody

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
<Directory />
AllowOverwrite on
</Directory>

# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
User ftp
Group ftp

# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>

falko
2nd September 2005, 20:19
falko... hope your having a good holiday! I checked WS_FTP and passive is not one of the options it seems, been running on auto detect.


Passive Transfers is not on the "General" tab in WS_FTP, it's on the "Advanced" tab. :)

latcarf
4th September 2005, 03:33
I have found that I can log into my FTP site from outside my network. I am at our home in Michigan this weekend and was able to log in using my user name and as anonymous via WS_FTP.

So now I am kind of curiuos why it won't from in my network?

till
4th September 2005, 08:12
This looks like a router issue. Have you tried to login from your home network with your IP or your domain?

latcarf
5th September 2005, 01:53
This looks like a router issue. Have you tried to login from your home network with your IP or your domain?The start of this thread was me trying to log in from my network...

From inside my network it will log into www.mydomain.net but will not log into ftp.mydomain.net

From outside my network it will log into www. and ftp.mydomain.net. :confused:

falko
6th September 2005, 20:04
The start of this thread was me trying to log in from my network...

From inside my network it will log into www.mydomain.net but will not log into ftp.mydomain.net

From outside my network it will log into www. and ftp.mydomain.net. :confused:

Do the name servers you use in your home network resolve ftp.mydomain.net correctly? You can find that out by running
dig @[IP of you name server] ftp.mydomain.net

latcarf
6th September 2005, 22:52
Do the name servers you use in your home network resolve ftp.mydomain.net correctly? You can find that out by running
dig @[IP of you name server] ftp.mydomain.net
They should as everything else is. I can't check at the moment :(

I have a much bigger problem which I posted in the Linux Instal forum about. As soon as I get that one figured out I can check, I hope....

latcarf
23rd September 2005, 01:42
They should as everything else is. I can't check at the moment :(

I have a much bigger problem which I posted in the Linux Instal forum about. As soon as I get that one figured out I can check, I hope....bummer! my hard drive went kaput so you know what I have been doing since I did not have a image made yet!

Anyway, I have rebuilt the system and software and solved most of the ftp problems I was having before. I have one last problem I can't get figured out.

I want a directory where people can upload files. I thought this configuration would do it in the /plant directory but it does not. When I try it I get 550 [filename] Permission Deniedhere is my config file anyone see what I am doing wrong? # This is the ProFTPD configuration file
# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName "ProFTPD server"
ServerIdent on "FTP Server ready."
ServerAdmin root@localhost
ServerType standalone
DefaultServer on
AccessGrantMsg "User %u logged in."
DeferWelcome off

# Use this to excude users from the chroot
DefaultRoot ~ !adm

# Use pam to authenticate (default) and be authoritative
AuthPAMConfig proftpd
AuthOrder mod_auth_pam.c* mod_auth_unix.c

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups off
UseReverseDNS off

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# Default to show dot files in directory listings
ListOptions "-a"

# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart on
AllowStoreRestart on

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 20

# Set the user and group that the server normally runs at.
User nobody
Group nobody

# This is where we want to put the pid file
ScoreboardFile /var/run/proftpd.score

# Normally, we want users to do a few things.
<Global>
AllowOverwrite yes
<Limit ALL SITE_CHMOD>
AllowAll
</Limit>
</Global>

# Define the log formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"

# anonymous configuration, with an upload directory.
<Anonymous ~ftp>
User ftp
Group ftp
AccessGrantMsg "Anonymous login ok, restrictions apply."
#
# # We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# # Limit the maximum number of anonymous logins
MaxClients 10 "Sorry, max %m users -- try again later"

# Put the user into /pub right after login
DefaultChdir /crops

# We want 'welcome.msg' displayed at login, '.message' displayed in
# each newly chdired directory and tell users to read README* files.
DisplayLogin /welcome.msg

# Some more cosmetic and not vital stuff
DirFakeUser on ftp
DirFakeGroup on ftp

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE SITE_CHMOD>
DenyAll
</Limit>

# An upload directory that allows storing files but not retrieving
# or creating directories.
<Directory /plant/*>
AllowOverwrite no
<Limit READ>
DenyAll
</Limit>
<Limit STOR>
AllowAll
</Limit>
</Directory>

# Logging for the anonymous transfers
ExtendedLog /var/log/proftpd/access.log WRITE,READ default
ExtendedLog /var/log/proftpd/auth.log AUTH auth

</Anonymous>

till
23rd September 2005, 09:09
Is your anonymous directory (/plant) owned by the user ftp and does the user ftp has write permissions?

latcarf
23rd September 2005, 14:46
Is your anonymous directory (/plant) owned by the user ftp and does the user ftp has write permissions?hhmmm... good question! my limited experience with Linux tells me you are probably referring to using or applying the chmod command. I will start looking at this, am I on the right trail?

I also noticed the config file defines a chroot # Limit WRITE everywhere in the anonymous chroot
<Limit WRITE SITE_CHMOD>
DenyAll
</Limit>I pieced this config file together from 2 others available on line. Is this the same type of chroot we did for named/DNS in the Perfect set up for FC4 HowTo? There may be some directory work I need to accomplish that I missed due to lack of experience/knowledge.

till
23rd September 2005, 15:28
hhmmm... good question! my limited experience with Linux tells me you are probably referring to using or applying the chmod command. I will start looking at this, am I on the right trail?

Yes, the command is:

chown ftp:ftp /plant

Is this the same type of chroot we did for named/DNS in the Perfect set up for FC4 HowTo? There may be some directory work I need to accomplish that I missed due to lack of experience/knowledge.

No, this chroot is managed by your FTP daemon internally.

latcarf
23rd September 2005, 15:56
Yes, the command is:

chown ftp:ftp /plant



No, this chroot is managed by your FTP daemon internally.I used this command and got it to work after I changed it to #chown ftp:ftp /var/ftp/plant I restarted the ftp server then tried to uplaod a file from my Windows box using WS_FTP and I am still getting Permision Denied.

I will have to go through the config file again and try to see what I am missing or not doing correctly. My directory structure for ftp is under /var/ftp then I have /crop wich is where they should download files and /plant where they should be able to upload files. When logging into my ftp site it shows the directory's under /crop. I am already thinking I need to change the login directory so that /crop and /plant both show but that shouldn't effect uploading should it?

Any help would be appreciated though!

gotta go to work , thanks for the help :)

latcarf
24th September 2005, 01:30
I've changed this, changed that, restarted, stop, started...

still no luck transferring files :(

falko
24th September 2005, 10:02
Does it change anything when you change <Limit READ>
DenyAll
</Limit> to <Limit READ>
AllowAll
</Limit>?

latcarf
24th September 2005, 13:26
Does it change anything when you change <Limit READ>
DenyAll
</Limit> to <Limit READ>
AllowAll
</Limit>?That didn't work but that made me look at other sections similar. Right above the section you quoted is...# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE SITE_CHMOD>
DenyAll
</Limit>
I changed this to AllowAll and it worked! :) I double checked and it won't let me transfer to anywhere but the /plant directory which is as it should be.

Now... The files transferred (according to WS_FTP) but I couldnt see then on the FTP side of WS_FTP. So I switched my screen over to the ftp box and checked filesystem and sure enough they are there!

I will have to check and see if the asterick I am using in /plant/* is causing this. There are also several folders under /plant that are not showing when I log in with WS_FTP. Same folders under /harvest (previously /crop in the conf above) are under /plant.

Thanks for the help! I see you are back from holiday, hope it was good! Did you go anywhere?

falko
24th September 2005, 17:25
Now... The files transferred (according to WS_FTP) but I couldnt see then on the FTP side of WS_FTP. So I switched my screen over to the ftp box and checked filesystem and sure enough they are there!

Maybe because of
<Limit READ>
DenyAll
</Limit>? ;)

I see you are back from holiday, hope it was good! Did you go anywhere?
Yes, it was great! I went to Croatia, to the Mediterranean, and enjoyed the sun! :) :)

latcarf
25th September 2005, 00:10
Maybe because of
<Limit READ>
DenyAll
</Limit>? ;)


Yes, it was great! I went to Croatia, to the Mediterranean, and enjoyed the sun! :) :)That was one of the changes I tried already, also changing the variations of /plant with and without the /* following it. No dice so far.

Never been to Croatia myself but I have heard they have some great beaches. :cool:

latcarf
25th September 2005, 22:07
That was one of the changes I tried already, also changing the variations of /plant with and without the /* following it. No dice so far.I finally it figured out! :) When I created the directories under /plant I didn't modify the permissions and they were all under root.

I would like to make it so Anonymous users have to log in using their email address as their password. I thought I saw something on this once but can't seem to find it again. Anyone know how to make this happen?

latcarf
27th September 2005, 02:57
I was checking my log file and noticed the date is off.. it shows everything a day ahead e.g. today is posted as 27/Sept/2005 which it is in Germany :) but it is the 26th here. Can I change this?

Also if there is an access and it ends in ""MKD 050926141331p" 550 -" doesn't this mean someone tried to make a directory at my FTP site? That makes me wonder if that is why I see some weird file names instead of the directories I am supposed to see. This only happens when I log in with WS_FTP. If I go to the site with a browser I see what I am supposed to see. :confused: confused again!