Using FTP

Discussion in 'Server Operation' started by latcarf, Aug 30, 2005.

  1. latcarf

    latcarf New Member

    I installed ProFTP using the Perfect Install FC4 HowTo now I need to know HowTo use it! :D

    I have only used FTP via WS_FTP client before. After much research and testing I have determined that ptoftpd.conf seems to be correct and I can log into ftp as anonymous via the console but I am not sure what to do after that. I found a small tut and tried a command but these are the results:
    Code:
    [Lance@server1 ~]$ ftp ftp.thefractalfarm.net
    Connected to server1.thefractalfarm.net.
    220 192.168.2.3 FTP server ready
    500 AUTH not understood
    500 AUTH not understood
    KERBEROS_V4 rejected as an authentication type
    Name (ftp.thefractalfarm.net:Lance): anonymous
    331 Anonymous login ok, send your complete email address as your password.
    Password:
    230 Anonymous access granted, restrictions apply.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> put bookmarks.html /Lance/test
    local: bookmarks.html remote: /Lance/test
    227 Entering Passive Mode (192,168,2,3,128,107).
    550 /Lance/test: Permission denied
    ftp> put bookmarks.html /ftp
    local: bookmarks.html remote: /ftp
    227 Entering Passive Mode (192,168,2,3,128,108).
    550 /ftp: Permission denied
    ftp> put bookmarks.html /home/ftp
    local: bookmarks.html remote: /home/ftp
    227 Entering Passive Mode (192,168,2,3,128,109).
    550 /home/ftp: Permission denied
    ftp> quit
    221 Goodbye.
    [Lance@server1 ~]$
    Am I do something wrong? Note that this is on the same box that has my ftp server also and I am not using ISPConfig.

    Does anyone know how I would use WS_FTP from my MS machine to connect to my FTP? I have tried anonymous with my e-mail as password and I get "failure to connect to ftp.thefractalfarm.net". I can however use the browser on my MS box to go to my FTP site. Would drop and drag work there, didn't think to try it. :confused:
     
  2. domino

    domino New Member

  3. latcarf

    latcarf New Member

    okay... I created the pam.d/ftp file. Whether that helped or not don't know for sure but I was able to log in as anonymous and as user.

    I guess I need to know what commands can be used and what they are used for. I'll check ProFTPDs home page for that.

    Meantime... I switched over to my MS box and tryed to log in using WS_FTP as the same user I logged in via console and still couldn't get it to connect. Actually the window at the bottom of WS_FTP that shows status and progress indicates "Connecting to MYIP:21", then "connected to MYIP Port 21. But then it gives "! Receive error: connection reset" followed by "Connection failed ftp.mydomain.net"

    Anybody have any idea what I might be doing wrong? I checked my router and Port 21 is open.
     
  4. till

    till Super Moderator

    Have you checked that your proftpd is listening on all IP's and not only on 127.0.0.1?
     
  5. falko

    falko Super Moderator

    Have you tried to use "Passive Transfers" in your FTP client? In most cases this solves firewall problems.
     
  6. latcarf

    latcarf New Member

    till... Where do I check to see what IPs it is listening on? I just checked proftpd.conf and do not see anything regarding IP and FTP does not seem to be listed in the System Settings> Server Settings.

    falko... hope your having a good holiday! I checked WS_FTP and passive is not one of the options it seems, been running on auto detect.

    Thanks :)
    Lance
     
  7. till

    till Super Moderator

    Try this command and please post the output to the forum:

    Code:
    netstat -tap | grep ftp
     
  8. latcarf

    latcarf New Member

    Code:
    [root@server1 ~]# netstat -tap | grep ftp
    tcp        0      0 *:ftp                       *:*                         LIST EN      21008/proftpd: (acc
    [root@server1 ~]#
    There wasn't anything after (acc...

    I'm a newb but this doesn't look right! :confused:

    I did some searching on the internet but couldn't find a whole lot regarding IP info for FTP except for stuff on <virtual host> and masqurading. From what I read it did not seem to apply to what I need. Hope you can help!

    thanks
    Lance
     
  9. till

    till Super Moderator

    Hi Lance,

    this output is OK. The chars are only missing because the line of your terminal was not long enough. The relevant part is "*:ftp" this means that the FTRP Daemon is listening on all IP's.
     
  10. latcarf

    latcarf New Member

    so that means that it has to be something in my proftpd.conf doesn't it? I have checked my router a couple times and port 21 is open for FTP.
     
  11. till

    till Super Moderator

    Yes, you should chech the authentication settings in your proftpd.conf. Is Authentication set to PAM or unix?
     
  12. latcarf

    latcarf New Member

    well that may definitely be a problem as I don't see anything regarding authentication in my conf file. I posted it here I got it from a HowTo on the net and only changed what they recommended.

    Should I run Standalone, inted or xinted? I have been looking and was possibly considering this HowTo as a set up http://gentoo-wiki.com/HOWTO_ProFTPD Seems pretty good and understandable for even me. There is stuff there I don't need i.e. mySQL but it seems clear how you work around that if you don't need it. Basically it will be me and one user group from a forum. I would like them to be able to upload and download to one specific location. I have not tried to work the forum group into this conf file as I wanted to get learn it first and know I can use it before I opened it up to others.

    thanks
    lance

    Code:
    # This is the ProFTPD configuration file
    # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
    
    ServerName			"The Farm FTP"
    ServerType			standalone
    ServerIdent			off
    DefaultServer			on
    
    # Port 21 is the standard FTP port.
    Port				21
    
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask				022
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd).
    MaxInstances			30
    
    # Set the user and group under which the server will run.
    User				nobody
    Group				nobody
    
    # To cause every FTP user to be "jailed" (chrooted) into their home
    # directory, uncomment this line.
    #DefaultRoot ~
    
    # Normally, we want files to be overwriteable.
    <Directory />
      AllowOverwrite		on
    </Directory>
    
    # A basic anonymous configuration, no upload directories.  If you do not
    # want anonymous users, simply delete this entire <Anonymous> section.
    <Anonymous ~ftp>
      User				ftp
      Group				ftp
    
      # We want clients to be able to login with "anonymous" as well as "ftp"
      UserAlias			anonymous ftp
    
      # Limit the maximum number of anonymous logins
      MaxClients			10
    
      # We want 'welcome.msg' displayed at login, and '.message' displayed
      # in each newly chdired directory.
      DisplayLogin			welcome.msg
      DisplayFirstChdir		.message
    
      # Limit WRITE everywhere in the anonymous chroot
      <Limit WRITE>
        DenyAll
      </Limit>
    </Anonymous>
     
  13. falko

    falko Super Moderator

    Passive Transfers is not on the "General" tab in WS_FTP, it's on the "Advanced" tab. :)
     
  14. latcarf

    latcarf New Member

    I have found that I can log into my FTP site from outside my network. I am at our home in Michigan this weekend and was able to log in using my user name and as anonymous via WS_FTP.

    So now I am kind of curiuos why it won't from in my network?
     
  15. till

    till Super Moderator

    This looks like a router issue. Have you tried to login from your home network with your IP or your domain?
     
  16. latcarf

    latcarf New Member

    The start of this thread was me trying to log in from my network...

    From inside my network it will log into www.mydomain.net but will not log into ftp.mydomain.net

    From outside my network it will log into www. and ftp.mydomain.net. :confused:
     
  17. falko

    falko Super Moderator

    Do the name servers you use in your home network resolve ftp.mydomain.net correctly? You can find that out by running
    Code:
    dig @[IP of you name server] ftp.mydomain.net
     
  18. latcarf

    latcarf New Member

    They should as everything else is. I can't check at the moment :(

    I have a much bigger problem which I posted in the Linux Instal forum about. As soon as I get that one figured out I can check, I hope....
     
  19. latcarf

    latcarf New Member

    bummer! my hard drive went kaput so you know what I have been doing since I did not have a image made yet!

    Anyway, I have rebuilt the system and software and solved most of the ftp problems I was having before. I have one last problem I can't get figured out.

    I want a directory where people can upload files. I thought this configuration would do it in the /plant directory but it does not. When I try it I get
    Code:
    550 [filename] Permission Denied
    here is my config file anyone see what I am doing wrong?
    Code:
    # This is the ProFTPD configuration file
    # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
    
    ServerName			"ProFTPD server"
    ServerIdent			on "FTP Server ready."
    ServerAdmin			root@localhost
    ServerType			standalone
    DefaultServer			on
    AccessGrantMsg			"User %u logged in."
    DeferWelcome			off
    
    # Use this to excude users from the chroot
    DefaultRoot			~ !adm
    
    # Use pam to authenticate (default) and be authoritative
    AuthPAMConfig			proftpd
    AuthOrder			mod_auth_pam.c* mod_auth_unix.c
    
    # Do not perform ident nor DNS lookups (hangs when the port is filtered)
    IdentLookups			off
    UseReverseDNS			off
    
    # Port 21 is the standard FTP port.
    Port				21
    
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask				022
    
    # Default to show dot files in directory listings
    ListOptions			"-a"
    
    # Allow to resume not only the downloads but the uploads too
    AllowRetrieveRestart		on
    AllowStoreRestart		on
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances			20
    
    # Set the user and group that the server normally runs at.
    User				nobody
    Group				nobody
    
    # This is where we want to put the pid file
    ScoreboardFile			/var/run/proftpd.score
    
    # Normally, we want users to do a few things.
    <Global>
      AllowOverwrite		yes
      <Limit ALL SITE_CHMOD>
        AllowAll
      </Limit>
    </Global>
    
    # Define the log formats
    LogFormat			default	"%h %l %u %t \"%r\" %s %b"
    LogFormat			auth	"%v [%P] %h %t \"%r\" %s"
    
    # anonymous configuration, with an upload directory.
    <Anonymous ~ftp>
      User				ftp
      Group				ftp
      AccessGrantMsg		"Anonymous login ok, restrictions apply."
    #
    #  # We want clients to be able to login with "anonymous" as well as "ftp"
      UserAlias			anonymous ftp
    
    #  # Limit the maximum number of anonymous logins
      MaxClients			10 "Sorry, max %m users -- try again later"
    
    # Put the user into /pub right after login
      DefaultChdir			/crops
    
    # We want 'welcome.msg' displayed at login, '.message' displayed in
    # each newly chdired directory and tell users to read README* files. 
      DisplayLogin			/welcome.msg
    
    # Some more cosmetic and not vital stuff
      DirFakeUser			on ftp
      DirFakeGroup			on ftp
    
    # Limit WRITE everywhere in the anonymous chroot
      <Limit WRITE SITE_CHMOD>
        DenyAll
      </Limit>
    
    # An upload directory that allows storing files but not retrieving
    # or creating directories.
       <Directory /plant/*>
    	  AllowOverwrite		no
    	<Limit READ>
    	  DenyAll
    	</Limit>
    	<Limit STOR>
    	  AllowAll
    	</Limit>
      </Directory>
    
    # Logging for the anonymous transfers
      ExtendedLog		/var/log/proftpd/access.log WRITE,READ default
      ExtendedLog		/var/log/proftpd/auth.log AUTH auth
    
    </Anonymous>
     
  20. till

    till Super Moderator

    Is your anonymous directory (/plant) owned by the user ftp and does the user ftp has write permissions?
     

Share This Page