-
2 Attachment(s)
HOWTO : Create a FTP server with user access (proftpd)
There's some support for this guide in the hoary section
Some questions are already answered in the OLD THREAD ,if you need support you should read it before posting here.
I created this How to for people who want to share files with friends using FTP protocol, like FTPservU under windows. The way i give you is not the only one, I hope my How to is enough clear.
This FTP server will allow only users with the good password (persons to whom you gave the password and username). So you will be sure that only known persons will access your FTP server.
A- The GUI way (for beginners only)
For those who are new to linux and don't want to use a FTP server without GUI, or just for those who don't use often their FTP server and wish to set it quickly without a high level of security, there is a GTK GUI for proftpd.
Be careful, it's less secure than configuring yourself your server.
1- Install proftpd and gproftpd with synaptic or with this command :
Code:
sudo apt-get install proftpd gproftpd
2-Play with the GUI and set up quickly your server.
Beware no support is offered here for this tool but it shouldn't be too hard to use.
B- The secure way
1- Install proftpd with synaptic or with this command :
Code:
sudo apt-get install proftpd
2- Add this line in /etc/shells file (sudo gedit /etc/shells to open the file) : Create a /home/FTP-shared directory :
Code:
cd /home
sudo mkdir FTP-shared
Create a user named userftp which will be used only for ftp access. This user don't need a valid shell (more secure) therefore select /bin/false shell for userftp and /home/FTP-shared as home directory (property button in user and group window).
To make this section clearer, i give you the equivalent command line to create the user, but it would be better to use the GUI (System > Administration > User & Group) to create the user since users here often got problems with the user creation and the password (530 error) with the command line, so i really advice to use the GUI :
Code:
sudo useradd userftp -p your_password -d /home/FTP-shared -s /bin/false
sudo passwd userftp
In FTP-shared directory create a download and an upload directory :
Code:
cd /home/FTP-shared/
sudo mkdir download
sudo mkdir upload
Now we have to set the good permissions for these directories :
Code:
cd /home
sudo chmod 755 FTP-shared
cd FTP-shared
sudo chmod 755 download
sudo chmod 777 upload
3- OK, now go to the proftpd configuration file :
Code:
sudo gedit /etc/proftpd.conf
or for edgy eft (ubuntu 6.10) :
Code:
sudo gedit /etc/proftpd/proftpd.conf
and edit your proftpd.conf file like that if it fit to your need :
Code:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on
# Choose here the user alias you want !!!!
UserAlias sauron userftp
ServerName "ChezFrodon"
ServerType standalone
DeferWelcome on
MultilineRFC2228 on
DefaultServer on
ShowSymlinks off
TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200
DisplayChdir .message
ListOptions "-l"
RequireValidShell off
TimeoutLogin 20
RootLogin off
# It's better for debug to create log files ;-)
ExtendedLog /var/log/ftp.log
TransferLog /var/log/xferlog
SystemLog /var/log/syslog.log
#DenyFilter \*.*/
# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off
# Allow to restart a download
AllowStoreRestart on
# Port 21 is the standard FTP port, so you may prefer to use another port for security reasons (choose here the port you want)
Port 1980
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
PersistentPasswd off
MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8
# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent on "you're at home"
# Lock all the users in home directory, ***** really important *****
DefaultRoot ~
MaxLoginAttempts 5
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
Ok you have done proftpd configuration. Your server is on port 1980 (in this exemple) and the access parameters are
user : sauron
password : the one you've set for userftp
4- To start/stop/restart your server :
Code:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart
To perform a syntax check of your proftpd.conf file : To know who is connected on your server in realtime use "ftptop" command (use "t" caracter to swich to rate display), you can also use the "ftpwho" command.
other informations here
C- Advanced tricks
1- Enable TLS/SSL encryption (FTPS)
** Inportant note : proftpd versions before 1.3.2-rc2 may not work with latest filezilla versions using TLS encryption. See raymond.szebin's post for details.
The FTP file sharing protocol is an old protocol which was created when internet was still a secure place, therefore the default FTP protocol is not that secure.
For example the password and username for login are transmitted in plain text which obviously isn't secure.
That why, to fit the needs of our generation, encryption solutions were developed and one of them is TLS/SSH encryption.
This will encrypt the username and password and all the data you send, obviously to use it the FTP client must support SFTP protocol.
here are the steps to enable TLS/SSH encryption (FTPS):
Paste these commands in a terminal :
Code:
sudo apt-get install build-essential
sudo apt-get install libssl-dev
cd /etc
sudo mkdir ftpcert
cd ftpcert/
sudo openssl genrsa -des3 -out server.key 1024
sudo openssl req -new -key server.key -out server.csr
sudo openssl genrsa -des3 -out ca.key 1024
sudo openssl req -new -x509 -days 365 -key ca.key -out ca.crt
** download the sign.sh file (at the bottom of the post) and put it in ftpcert directory **
sudo chmod +x sign.sh
sudo ./sign.sh server.csr
Then add this section to yout proftpd.conf file :
Code:
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/ftpd/tls.log
TLSProtocol TLSv1
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired off
# Server's certificate
TLSRSACertificateFile /etc/ftpcert/server.crt
TLSRSACertificateKeyFile /etc/ftpcert/server.key
# CA the server trusts
TLSCACertificateFile /etc/ftpcert/ca.crt
# Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off
</IfModule>
If you use edgy or proftpd 1.3 in general add this line at the beginning of your proftpd.conf file, it will load all the extra modules like mod_tls.c :
Code:
Include /etc/proftpd/modules.conf
Note - Use TLSRequired ON to force the use of TLS. OFF means that the use of TLS is optional.
Optional step:
You will notice that you will be asked for the password you set for the server.key file each time you start/stop/restart the server, it is because the RSA private key is encrypted in the server.key file.
The solution is to remove the encryption of the RSA private key but it makes the key readable in the server.key file which is obviously less secure, anyway if you do that make sure that the server.key is readable only by root.
Once you know that it's less secure here are the command lines to remove the encryption of the RSA private key :
Code:
cd /etc/ftpcert
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
Here are some links to read in case of problems or just to get more informations :
http://www.modssl.org/docs/2.7/ssl_faq.html#cert-ownca
http://www.castaglia.org/proftpd/doc...HOWTO-TLS.html
To use your TLS encrypted FTP server you will need a FTP client which support it like the latest versions of filezilla (the one present in the feisty repository has the TLS support).
In filezilla the option to use is called FTPES.
Thanks to nix4me for the help he provided and for the instructions.
2- Restrict access for some users
Some of you wish, for different reasons, to create more than one user and give a different access depending on the user.
For example if i create 2 users, one called user1 and the second called user2 and then want to deny access to the download directory for user2, You can do it as following :
First create the 2 users like userftp in the guide and give them alias names if you use aliases. Then allow your 2 users in the general LIMIT LOGIN section :
Code:
#VALID LOGINS
<Limit LOGIN>
AllowUser user1
AllowUser user2
DenyALL
</Limit>
Once done here is how to modify the directory sections to chose who is able to use which directory :
Code:
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit ALL>
Order Allow,Deny
AllowUser user1
Deny ALL
</Limit>
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit ALL>
Order Allow,Deny
AllowUser user1
AllowUser user2
Deny ALL
</Limit>
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
Note - user2 will see the download directory but will not be able to enter the directory.
That's all
Misc
Best Common Practices - Everyone should read this
http://www.castaglia.org/proftpd/doc...HOWTO-BCP.html
ProftpTools 1.0.1
ProftpTools is a script I wrote thanks to swoop's feedback. This script allow you to start/stop proftpd, mount/unmount auto/manually directories, show your IP, ... and all of that with a GUI in order to use proftpd in a really easy way !
To install ProftpTools, download ProftpTools-v1.0.2.tar.gz (at the bottom of the page) and untar it where you want and then move the ProftpTools file in /usr/bin :
Code:
tar -xzvf ProftpTools-v1.0.2.tar.gz
cd ProftpTools-v1.0.2/
sudo mv ProftpTools /usr/bin/
Then add these lines in your .bashrc (it's in your home directory : gedit /home/username/.bashrc) file in order to specify what is the ProftpTools directory path, YOU MUST REMOVE THE "/" CHARACTER at the end of the path. I give you an exemple if your ProftpTools directory is in your home directory :
Code:
ProftpTools_dir=/home/username/ProftpTools-v1.0.2
export ProftpTools_dir
Now all you have to do is to type ProftpTools in a terminal and .... enjoy :smile:
You need zenity installed to use this script.
Don't hesitate to post in this thread or send me PM to report bugs, ask new features, correct my english, suggest improvement ;-) and thank you to give me feedback about this tool.
useful trick :
This trick is integrated in ProftpTools.
If you don't want (like me ;-) ) to use space in your /home directory, and use space on another hard drive, or if you just want to share a directory from another partition ... you can mount the directory you want in your download or upload directory without changing anything in proftpd.conf file, use these commands :
Code:
sudo mount -o bind the_directory_you_want_to_share /home/FTP-shared/download
or
sudo mount -o bind the_directory_you_want_to_use_for_upload /home/FTP-shared/upload
This command will not overwrite the directory, the idea is just to mount a directory in another one without overwritng anything, so when someone will log in your server he will see and use the mounted directory if you have mounted one. To unmout a directory (download directory for exemple):
Code:
sudo umount /home/FTP-shared/download
Permanent mount :
If you don't want to re-mount your directories after a reboot you can add a line in fstab file like that (sudo gedit /etc/fstab to open the file) :
Code:
the_directory_to_mount /home/FTP-shared/download vfat bind 0 0
thanks reet ;-)
If you want to create other directories in FTP-shared, think to add it in proftpd.conf file.
Don't hesitate to test yourself your server using gFTP for exemple, it's really helpful to debug your server.
Other stuff/Troubleshooting/FAQ
If you have a router you should read that, it describe the 2 commands to add in proftpd.conf and why.
If you have a dynamic DNS have a look here, you can also use ddclient(maybe easier for newbies).
If you have Unbindable port 21 issue please refer to this post from mustacheride.
Most of informations you're looking for are here
To get more debug informations : http://www.proftpd.org/localsite/Use...ked/x1058.html
You can specify a specific passive port range using PassivePorts command, it's very useful when you use a firewall in order to know which ports to allow.
For those who have a firewall/router i advice to read this excelent post from mssm
Thanks for feedback, and sorry if my english is sometimes really bad :roll:
Don't hesitate to post questions about proftpd in this thread.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
hi,
thanks for the howto, however, i have a problem.
i have a router and the proftpd site is not really informative... well at least not for a noob like me:) so... on the link, it says "First configure your ProFTPD install so that it works right from inside the NAT. There are example configuration files included with the source." now i downloaded the source and had a look on the config files, but i couldn't find anything relevant. any help on this?
also, i'm not sure if i entered the value of 'MasqueradeAddress' correctly. I entered my dyndns domain, so what i get is
Code:
attila@nanaki:/home/FTP-shared$ sudo /etc/init.d/proftpd restart
Password:
Restarting ProFTPD ftp daemon.proftpd.
..localhost.localdomain - 127.0.0.1:1980 masquerading as 84.0.161.247
proftpd.
done.
is thít what should happen? i'm just asking because i'm not sure :)
i did everything else as the guide said, and my problem is that i get a connection timeout. any help would be appreciated, thanks :)
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I'm not a NAT expert because i have only a software firewall but i think this link could help you, also in the original thread some users have used these commands with success, try to follow their example or send us a PM, your problem will be quickly solved. :p
-
1 Attachment(s)
Re: HOWTO : Create a FTP server with user access (proftpd)
strange, i get the 530 error when i try to log in... i've read the otheer forum but all my setting should match...
Code:
attila@nanaki:/home$ la
total 8.0K
drwxr-xr-x 55 attila attila 4.0K 2005-10-22 17:46 attila
drwxr-xr-x 4 userftp root 4.0K 2005-10-22 10:45 FTP-shared
attila@nanaki:/home$ la FTP-shared
total 8.0K
drwxr-xr-x 2 root root 4.0K 2005-10-22 10:45 download
drwxrwxrwx 2 root root 4.0K 2005-10-22 10:45 upload
sorry i'm almost sure i'm being lame but i cannot help it :) so here is my proftpd.conf as well, anyone could help?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
You should comment the 2 last lines of your file because you have 3 active MasqueradeAddress lines in your file, and also try to change the password of the user, i already met persons who've got problems with the user password.
Your settings looks good, did you test the server with your own computer or with a friend ?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by frodon
You should comment the 2 last lines of your file because you have 3 active MasqueradeAddress lines in your file, and also try to change the password of the user, i already met persons who've got problems with the user password.
Your settings looks good, did you test the server with your own computer or with a friend ?
changed the password, commented out the last two lines, still error 530. tested on my comp, and on a friend's one. :/
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Hmm, have you tested to comment the MasqueradeAddress and PassivePorts lines to see if the problem come from these lines ? Because for me your configuration is ok, are you sure to put the good parameters in gFTP when you attempt to connect yourself to the server ?
Just in case give me the gFTP log and what you enter in the fields but i guess it's ok.
Also if you still have a 530 error it could be interesting to collect more debug infos.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Thanx for the howto, it works great! But I think it's strange that the xferlog has been empty two times now since I started to use my ftp server, is it cleared by default? Are there other logfiles aswell that proftpd use? I'am also thinking of using ssh(or some sort of crypto) on the proftpd server, anyone tried this?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
What you're looking for is in the mod_tls module of proftpd, you should already have it (use the proftpd -l command to verify it).
There is a reference exemple here and i think it's a good start to read this exemple.
If you get SSL/TLS working, send me a PM or post here and i will add this in the GUIDE.
Why do you want to use secure ftp protocol ? i'm just curious
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by anatole
changed the password, commented out the last two lines, still error 530. tested on my comp, and on a friend's one. :/
You could try this command line :
Code:
sudo passwd userftp
and then retype your password, it solve the problem for tspec who give me his feedback.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
question:
i just did
Code:
apt-get install proftpd
then as root i unchecked the proftpd service at startup, so i can just whenever i want to (because i only run it sometimes...when i need it). however i did not make many changes to my proftpd.conf file (just made it type=standalone)... i didn't change any permissions or anything... i figure this is secure enough for me since i only start it when i want to move some files and then end it when im finished... is this ok?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I just installed Breezy Badger and am having some problems running certain services/servers...
when I do
Code:
apt-get install proftpd
it says
Code:
Couldn't Find Package proftpd
-
Re: HOWTO : Create a FTP server with user access (proftpd)
herot, if you want to disable proftpd on startup you could just go in System > Administration > Services, it works well. If your configuration is ok for your need and if you will not use proftpd often and for a long time, it might be enough secure like that.
atomicski, it seems that you haven't enable all the repositories. Open your source.list file :
Code:
sudo gedit /etc/apt/sources.list
then check that you have these lines, if not add them :
Code:
## Major bug fix updates produced after the final release of the
## distribution.
deb http://archive.ubuntu.com/ubuntu breezy-updates main restricted
deb-src http://archive.ubuntu.com/ubuntu breezy-updates main restricted
## Uncomment the following two lines to add software from the 'universe'
## repository.
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## universe WILL NOT receive any review or updates from the Ubuntu security
## team.
deb http://archive.ubuntu.com/ubuntu breezy main universe multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu breezy main universe multiverse restricted
deb http://security.ubuntu.com/ubuntu breezy-security main restricted
deb-src http://security.ubuntu.com/ubuntu breezy-security main restricted
deb http://security.ubuntu.com/ubuntu breezy-security universe
deb-src http://security.ubuntu.com/ubuntu breezy-security universe
-
Re: HOWTO : Create a FTP server with user access (proftpd)
ok I have did like you said...I but I also am behind a router...I set the ports in the router and forward them to proftpd. I set the ports in proftpd.conf...I can ftp in fine and all that..but when try to list a dir I get port error ip already in use....anyone help?
TokenBad
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I am having the same problem as anatole, error 530
Our .conf files are almost exactly the same (no las 2 lines and minor name differences)
I've reset the password too, still 530
The alias part of the conf, I've tied logging in as both the first name and the second, same each time
any suggestions?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Leaf, could you post your proftpd.conf file please, and check the path and the name of the directories because the 530 error is often due to name or path mismatches.
TokenBad this link may help you : http://www.ubuntuforums.org/showthread.php?t=39566
-
1 Attachment(s)
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by frodon
Leaf, could you post your proftpd.conf file please, and check the path and the name of the directories because the 530 error is often due to name or path mismatches.
I'm having the same problem. I followed your tutorial. Attached is my proftpd.conf file. I've tried changing things round, trying different port numbers, changing passwords, etc. No matter what I keep getting the 530 error. PLEASE help! I've been up all night trying to get this blasted thing to work.
Thanks..
-
1 Attachment(s)
Re: HOWTO : Create a FTP server with user access (proftpd)
I took a look at your proftpd.conf file. I noticed a few differences with my own. First, I'm not sure that the way you have your multiple user aliases will work. Take a look at the way I have mine set up. I know it works correctly. I have multiple user logins and a different password for each. I have this same configuration (with the exception of different user aliases and ip's.) running on 2 machines.
I took your proftpd.conf file and tried it in my test machine. Other than changing the UserAlias to make it work and commenting out the Mascarade line, It worked just fine. I am attaching a copy of the proftpd.conf file from my test machine so you can compare it with your own.
Are you behind a router or firewall? And do you have another computer sharing the same connection to test with? If you can get it working within the NAT, it's just a matter of getting your router and or firewall configured correctly.
Let me know how it goes.
Good luck. :)
-
Re: HOWTO : Create a FTP server with user access (proftpd)
keving79, like in my guide you use this line at the beginning of the proftpd.conf file : so only alias login are allowed and you didn't set an alias for your users and it's the problem here.
jbinc1 gave you a good exemple on how use differents users with an alias for each, you should follow his exemple and your problem should be solved. I use useralias in my guide because it prevent telnet accesses, but if you don't want to use useralias just replace the line "AuthAliasOnly on" by "AuthAliasOnly off" and login your ftp server with the username and the password and it should work too, up to you ;).
You can also define different access levels for each user, for exemple if you don't want a user to see or use a shared directory or if you just want to give him a read access. If some of you here are interrested, tell me and i will provide you some exemples.
-
1 Attachment(s)
Error 530 won't go away
I used my own and the test .conf file above and got the same results. Error 530 Login incorrect. I have used the password change command and still get 530. After every change in pw and the .conf, I did a restart.
Oh, I did a /home/ftp AND /home/FTP-shared as the example, tried both.
Checked groups in etc and user/group exist.
Where else can I look for the "incorrect" login info? :confused:
Conf file attached....
Thanks,
Steve...
-
Re: Error 530 won't go away
Hi steve_250,
First you should replace those lines :
Code:
# Set the user and group that the server normally runs at.
User root
Group root
by those lines :
Code:
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
Go in your /home/ftp directory and give us the result of the "ls -lg", and tell me what are the exact parmeters you used to login your ftp server (user, pass, port, address). Try to give us the maximum details, because the 530 error always come from a small mismatch.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Hello Frodon, thanks for the reply.
I have replaced the lines and ran the command, here are the results:
steve@ubuntu:/home/ftp$ ls -lg
total 20
drwxrwxrwx 84 root 12288 2006-01-01 17:01 download
drwxrwxrwx 2 root 4096 2005-12-31 15:48 upload
-rw-r--r-- 1 root 166 2005-09-05 13:17 welcome.msg
steve@ubuntu:/home/ftp$
Running Gftp with user steve pass xm3y9sjp port 21:
Looking up 192.168.2.33
Trying 192.168.2.33:21
Connected to 192.168.2.33:21
220 Ubuntu
USER steve
331 Password required for steve.
PASS xxxx
530 Login incorrect.
Disconnecting from site 192.168.2.33
Thanks for helping....
Steve...
-
Re: HOWTO : Create a FTP server with user access (proftpd)
There is another thing i didn't see before, in the "<Directory> /home/ftp/upload/>" field, modify it like that :
Code:
<Directory> /home/ftp/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
This will allow you to write in the upload directory.
Now for your login issue, try to login your gnome session with userftp in order to be sure that it's not a user creation problem. Check also that your home/ftp directory have 755 rights.
-
1 Attachment(s)
Re: HOWTO : Create a FTP server with user access (proftpd)
Ok, did all the above and entered pw for ftpuser again.
I gftp in with "steve" and go this far and now it sits there.
230 welcome !!!
SYST
215 UNIX Type: L8
TYPE I
200 Type set to I
PWD
257 "/" is current directory.
Loading directory listing / from server (LC_TIME=en_US.UTF-8)
PASV
227 Entering Passive Mode (138,88,144,129,250,43).
The remote window just says "Receiving file names".
Kind'a stuck there.
Says the application is not responding when I try to close it after a 5 minute wait.
conf attached again.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I took a look at the permissions, all is set to 755 starting with "Home".
This is also what I see:
Location Owner Group
HOME Root Root
ftp ftp nogroup
Under ftp:
download Root Root
upload Root Root
I gave 777 to u/l as the first page you wrote said to do.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Do you attempt to login the ftp server with the same computer which run the server or with another one ?
The first thing to test is to login the ftp server with the same computer which run the ftp server then if it works the problem come from your router.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I tried it with the same machine, that's the log I sent ya.
Through another machine I had the same problem.
I also have tried to set the owner/group of all the directories to "steve".
(home/ftp, u/l & d/l)
In doing so, I now get the 530 error again.
What should the dir's be set to for owner/group?
Also chmod them to 774.
My login is steve and the machine will normaly be running under my name login.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
The owner should be root (it is in my case) and 775 rights are needed for your /home/ftp directory.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Just to make sure I have it right, owner/group for ALL the mentioned directories are supposed to be root?
I'll do that and make sure it's all 775.
Ok, fixed that.
I commented out the passive mode and masquereding and it works locally now.
Any concern with commenting these out?
I try it through the internet, still hangs at receiving file names.
This is what Gftp reports:
USER steve
331 Password required for steve.
PASS xxxx
230 welcome !!!
SYST
215 UNIX Type: L8
TYPE I
200 Type set to I
PWD
257 "/" is current directory.
Loading directory listing / from server (LC_TIME=en_US.UTF-8)
PASV
227 Entering Passive Mode (192,168,2,33,4,52).
LIST -aL
Disconnecting from site sjp.serveftp.net
Invalid response '
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by frodon
You can also define different access levels for each user, for exemple if you don't want a user to see or use a shared directory or if you just want to give him a read access. If some of you here are interrested, tell me and i will provide you some exemples.
YEs, I'd be very interested in this. Now that I finally got the FTP working (thanks to your advice), I'd like to setup different access levels for different users. If you could post a tutorial for that, that would be sweet.
Thanks!
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I have followed the howto, but when I run "sudo /etc/init.d/proftpd start" I get this message:
Quote:
ProFTPd warning: cannot start neither in standalone nor in inetd/xinetd mode. Check your configuration.
This is what my proftpd.conf file looks like:
Code:
#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
AllowOverwrite on
AuthAliasOnly on
# Choose here the user alias you want !!!!
UserAlias upload userftp
ServerName "htpc"
ServerType inetd
DeferWelcome on
MasqueradeAddress my.ip.is.here
PassivePorts 60000 60100 #this is a range, not just two ports
MultilineRFC2228 on
DefaultServer on
ShowSymlinks off
TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200
DisplayFirstChdir .message
ListOptions "-l"
RequireValidShell off
TimeoutLogin 20
RootLogin on
# It's better for debugging purposes to create log files
ExtendedLog /var/log/ftp.log
TransferLog /var/log/xferlog
SystemLog /var/log/syslog.log
#DenyFilter \*.*/
# I don't choose to use /etc/ftpusers file (use it to ban users by
just writing their username in it)
UseFtpUsers off
# Allow to restart a download
AllowStoreRestart on
# Port 21 is the standard FTP port, so don't use it for security
reasons (choose here the port you want)
Port 2121
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
PersistentPasswd off
MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8
# Display a message after a successful login
AccessGrantMsg "welcome to t0bb3's ftp server"
# This message is displayed for each access good or not
ServerIdent on "HTPC ftp server"
# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared
# Lock all the users in home directory,
# ***** really important *****
DefaultRoot ~
MaxLoginAttempts 3
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
Do you see anything wrong?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Replace : by :
Code:
ServerType standalone
and it should work.
By the way the "RootLogin on" option is not really secure, if you don't know why you use it i advice you to put it off.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
But I choose inetd duing the install of the server. It said inetd would be more resource friendly if I only had a few connections every day, and it's basicly only I that connect to the ftp server. Why should I change to standalone?
I'll change the RootLogin option
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Yes it's a little bit more resource friendly but standalone server is easier to use and if you don't have 20 users who use your server at the same time you won't see the difference.
Link : http://www.proftpd.org/localsite/Use...erverType.html
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Thank you, it starts now :)
But why didn't it work with inetd as the servertype?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Reading the proftpd manual (http://www.proftpd.org/localsite/Use...nked/x430.html) I decided to give inetd another go. They all say inetd is better suited when there aren't that many connections.
When I choose inetd as the server type duing the initial install proftpd made the necessary changes to /etc/inetd.conf. So the server should have been ready for use as soon as I had installed it. I had missunderstood the whole
Code:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart
thing. It's only for when you run the server in standalone mode! I thought I should do that even when in inetd mode, but that was wrong.
Another nice thing about inetd mode is that you don't have to do anything special when you make changes to proftpd.conf. The server rereads that file for every new connection.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by keving79
Quote:
Originally Posted by frodon
You can also define different access levels for each user, for exemple if you don't want a user to see or use a shared directory or if you just want to give him a read access. If some of you here are interrested, tell me and i will provide you some exemples.
YEs, I'd be very interested in this. Now that I finally got the FTP working (thanks to your advice), I'd like to setup different access levels for different users. If you could post a tutorial for that, that would be sweet.
Thanks!
I second this.
And I would also like to know how to set up virtual users
Thanks
-
Re: HOWTO : Create a FTP server with user access (proftpd)
This is a small exemple on how avoid user2 to enter in the download directory.
In this case 2 users have been created (userftp and user2) and each one have its own alias.
This exemple will allow userftp to see all the shared directory and avoid user2 to use the dowload directory, (i give you only the directory section) :
Code:
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
AllowUser user2
DenyALL
</Limit>
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit ALL>
Order Allow,Deny
AllowUser userftp
AllowUser user2
Deny ALL
</Limit>
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit ALL>
Order Allow,Deny
AllowUser userftp
Deny ALL
</Limit>
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit ALL>
Order Allow,Deny
AllowUser userftp
AllowUser user2
Deny ALL
</Limit>
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Hello frodon,
My ftp server has been running for a few weeks now thanks to your excellent HOWTO. Now I need some help speeding it up. Inside the nat I get great upload/download speeds. Over the internet I am limited to about 50 kbs. Any ideas? :confused:
-
Re: HOWTO : Create a FTP server with user access (proftpd)
It's because when you are inside the NAT the limit is the limit of the local network and when you are outside the NAT the limit is your internet connection speed wich is really lower than the local network speed.
Did you already reach a better upload rate with IRC, msn, or another share protocol ?
-
1 Attachment(s)
Re: HOWTO : Create a FTP server with user access (proftpd)
I'm thinking about a new howto or an improvement of this one for newbies (and this will be only for newbies !). Because proftpd has a GUI called Gproftpd but i generally don't advice it because you need to run it as root and you can easily break your server configuration or create a unsecure ftp server, however i think newbies will prefer this way (less secure but more userfriendly).
So, please could someone test this GUI and give me his personnal opinion about it in order to help me to know if i should advice it for newbies and create a small guide for it ?
Thanks for helping me to estimate this way to use proftpd.
here are the website link and a screenshot at the bottom of the post :
http://mange.dynalias.org/linux.html
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Hello frodon,
I'm setting up a fresh install of Ubuntu and I'm going to test the Gproftpd gui. I will see how it goes using the instructions on the Gproftpd web site and give you feedback.
Also, I think my slow connections on my ftp server are possibly due to my router. I still have to do more research on that one. ](*,)
When I connect to other ftp servers, I'm getting excellent speeds. I did some searching and it seems I'm not the only one to have this problem.
Take it easy.
-
GUI interface
Sure seems like an easier way for newbies like me.
I installed it and got a text that said it's running. Didn't get the GUI interface or see an icon.
I'll try again today.
Jbinc1, no, you're not the only one with slow speed, going through my Netgear FVS318 is slow to connect too.
I tried the inet install instead of standalone and it won't run at all. How to I reinstall proftpd? I'll switch back to standalone.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Hello Steve,
I've done some pretty extensive searching on the slow connection subject and I can't seem to find any solution. If you happen to find anything feel free to pm me and let me know. I really like the easiness of the setup and the way my ftp server is running, but I have the need for speed, if you know what I mean. :)
If you go into the proftpd.conf file where it says "ServerType" you should be able to just change it back to "standalone".
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I also noticed some differences in the inet and standalone. In the inet install, it creates it's own ftp directory under home. It also starts in /init.d instead of inirtd as it wants to (says it can't find it in inirtd).
Jbinc1, I'm going to see if I can buy a splitter to run off my DSL modem to put the server outside the router.
Yep, changed it to standalone in the conf and now it won't run at all. Want to do a re-install. Stuff is in different directories than with the standalone install, at least in MY machine.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by jbinc1
Hello frodon,
I'm setting up a fresh install of Ubuntu and I'm going to test the Gproftpd gui. I will see how it goes using the instructions on the Gproftpd web site and give you feedback.
Also, I think my slow connections on my ftp server are possibly due to my router. I still have to do more research on that one. ](*,)
When I connect to other ftp servers, I'm getting excellent speeds. I did some searching and it seems I'm not the only one to have this problem.
Take it easy.
Hi jbinc1,
I'm wondering something, when you say that you have a slow connections, do you mean transfert speed ?
Because most of DSL connections have a really poor upload speed compared to the download speed, maybe it's just your internet connection which have a low upload speed and a good download speed. It could explain why you download fast on other FTP server and not with yours.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Going through my router when I enter the actual internet address and NOT the local net address (192.168.) it is slow to connect and go through the password dialogue.
Going locally, 192.168. it connects right away.
This is all done on the same machine ftp is installed on, using gftp.
Getting this error now when using gftp and the internet address:
As seen in gftp:
230 welcome !!!
SYST
215 UNIX Type: L8
TYPE I
200 Type set to I
CWD /
250 CWD command successful
Loading directory listing / from server (LC_TIME=en_US.UTF-8)
PASV
227 Entering Passive Mode (192,168,2,33,4,12).
LIST -aL
Disconnecting from site sjp.serveftp.net
Invalid response '
What do you thing the "invaild response" could be?
On edit:
I disabled passive xfers in gedit and it works fine now.
Using a standard browser it connects when I put in the local net address (192.168) but times out when putting in the internet address.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Steve,
Try this in your proftpd.conf file
Code:
UseReverseDNS off
IdentLookups off
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by frodon
Hi jbinc1,
I'm wondering something, when you say that you have a slow connections, do you mean transfert speed ?
Because most of DSL connections have a really poor upload speed compared to the download speed, maybe it's just your internet connection which have a low upload speed and a good download speed. It could explain why you download fast on other FTP server and not with yours.
Hi frodon,
I did some more tests and you're right. My conversion from Bps to kbps was wrong (oops). It looks like I'm getting all of the speed I'm going to get. My upload is limited to 312 kbps and I'm I'm averaging about 36000 Bps. I better double check my math next time. Live and learn.
Thanks for all of your help.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by jbinc1
Steve,
Try this in your proftpd.conf file
Code:
UseReverseDNS off
IdentLookups off
Thanks, it "seemed" to speed up the pw dialog box but still times out after entering name and pw.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by jbinc1
Do you have a firewall?
Yes, I do but it is ported open. Calls to the Apache server from outside go through.
It's on the same machine.
I'll mess with it more tomorrow.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I'm still not connecting from a ******* machine using the server's internet address. Using IE I put in the pw and it hangs on "Getting contents of folder".
Times out with "An error occured on the server, make sure you have permission to access that folder". (I know thats a standard Win error format)
I can connect fine using the 192.168 internal though.
More ideas?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Could you post your proftpd.conf, i'd like to see if there isn't something which block the LIST or CWD command, it could come from you configuration file or from wrong system rights in your ftp folder.
Also if you use IE to connect to the ftp server don't forget to specify the port if you don't use port 21, i give you an example corresponding to the guide (which use the port 1980) : ftp:\\sauron@100.12.xx.xxx:1980
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I am currently using port 21 because I haven't yet figured out to make a port change in my Netgear FVS318. It has a dropdown for service but no selection of ports.
Still looking for it....
Thank you Frodon!
Here is my conf file:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on
# Choose here the user alias you want !!!!
UserAlias steve userftp
ServerName "Ubuntu"
ServerType standalone
DeferWelcome on
UseReverseDNS off
IdentLookups off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks off
TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200
DisplayFirstChdir .message
ListOptions "-l"
RequireValidShell off
TimeoutLogin 99
RootLogin off
# It's better for debug to create log files ;-)
ExtendedLog /var/log/ftp.log
TransferLog /var/log/xferlog
SystemLog /var/log/syslog.log
#DenyFilter \*.*/
# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off
# Allow to restart a download
AllowStoreRestart on
# Port 21 is the standard FTP port, so don't use it for security reasons (choose here the port you want)
Port 21
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
PersistentPasswd off
MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8
# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent on "you're at home"
# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared
# Lock all the users in home directory, ***** really important *****
DefaultRoot ~
MaxLoginAttempts 5
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Having a bit of trouble with step 3 "sudo gedit /etc/proftpd.conf" on the first page.
This file does not exist.
What have I done wrong, thanks
I did a search on this file (I think I did the search right) and it does not exist anyware on the system.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Try it in a new terminal window.
When doing a search, I don't remember if it is a hidden file (don't think so).
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by steve_250
Try it in a new terminal window.
When doing a search, I don't remember if it is a hidden file (don't think so).
Didn't help when I don't read it carefully
sudo apt-get install proftpd
Reading package lists... Done
Building dependency tree... Done
E: Couldn't find package proftpd
What did I do wrong?
Do I have to add extra repositories?
Thanks
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Bluelce, indeed you shouldn't have all the repositories enabled. You could post you /etc/apt/source.list here if you wish otherwise you will find all needed informations about source.list here : http://www.ubuntuforums.org/showthread.php?t=92672.
steve_250, your configuration sounds good for me, so i think the problem should be your Netgear FVS318 configuration, because all your FTP server configuration seems good.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
steve_250
Take a look at these links from frodon's HOWTO.
Other stuff
If you have a router you should read that, it describe the 2 commands to add in proftpd.conf and why.
If you have a dynamic DNS have a look here, you can also use ddclient(maybe easier for newbies).
Most of informations you're looking for are here
To get more debug informations : http://www.proftpd.org/localsite/Use...ked/x1058.html
You can specify a specific passive port range using PassivePorts command, it's very useful when you use a firewall in order to know which ports to allow.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by frodon
Alright I got it working, prob not how I wanted it to run but here is what I did.
Commented in
deb http://au.archive.ubuntu.com/ubuntu breezy universe
deb-src http://au.archive.ubuntu.com/ubuntu breezy universe
(Not sure if I am supposed to comment out other ones)
Then Installed proftpd, instructions on on first page of this thread.
I then wanted a GUI (I'm very new to linux)
gproftpd is at: http://mange.dynalias.org/linux.html
Not sure if I did the right thing but I downloaded the source.
Needed to compile it and somehow got to this page: http://www.psychocats.net/linux/installingsoftware.php
All beginners should read this, it made it really easy:) REALLY
End up running
sudo apt-get install build-essential
I think I then needed Development files for the GTK
So Installed libgtk2.0-dev (Development files for the GTK+ library) from Synaptic Package Manager. I hope that was the right thing to do.
I think it then compiled OK as I was able to run the GUI.
Problems:
1. Installed gproftpd in Home directory (How do I stop that from happing in the future and how can I fix that now(Copy n paste)?
2. How do I run something as root. Can I add it to the menu.
3. Should I wright commands in the forums with a $ in front of them?
Thanks
-
Re: HOWTO : Create a FTP server with user access (proftpd)
1. Generally only the config files are installed in the home directory because it defines specific setting for your user and only your user.
2. To run gproftpd as root, use this command in a terminal : 3. Up to you ;)
But even if you're new to linux you don't inevitably need a GUI, especially if you use often your server. Also if you just want a GUI to see the traffic on your ftp server the "ftptop" command is enough.
However i planed to write a short guide in the next 3 weeks for Gproftpd if it's needed.
So if you finally use Gproftpd and enjoy using it don't forget to tell me.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Ok, finally found where to change the ftp port number in the router.
I changed it to 1980, it IS supposed to be TCP, oui?
Added the masquereding and passive lines in your page one example.
However, now I get "Connection refused" even when doing it through the same machine using Firefox. Using gftp I see:
230 welcome !!!
SYST
215 UNIX Type: L8
TYPE I
200 Type set to I
PWD
257 "/" is current directory.
Loading directory listing / from server (LC_TIME=en_US.UTF-8)
PORT 192,168,2,33,18,53
500 Illegal PORT command
Invalid response '5' received from server.
Disconnecting from site such.and.such
](*,)
Oh yeah, Frodon, in the nmap usage example, the I (eye) feature is no longer supported.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
frodon,
I've been doing some testing on gftpd. I had problems installing from source. First, you have to make sure you have a c compiler installed. Next, it seems the the source is broken. I've tried everything I could think of to get it to work. So, I did some searching and was able to find a debian package and installed it. I was able to install but there are some errors in the config out of the box (ie. it looks for a directories that don't exist). I made some changes to the config file, but I continue to get a SecurityLog errror. I did a check on the syntax and everything was good. I had to add the directories it was looking for to stop the error
The interface seems nice, but there is a definite lack of documentation on the sight or in the help file to support the program. I don't know if it would be a help or a hinderence to someone trying to set up their first ftp server.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Update:
On same machine, switched gftp to passive and it logs on but gets stuck at "Receiving file names".
Tried ascii and also removing the -L option, still stuck.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
I don't think the problem come from the the ListOptions so you should keep the -l option.
I think you should look in your router configuration first, you have to configure your router to link the port 1980 to your PC and also to enable it with the good protocol.
Don't forget to have a look in the proftpd forum, there's a lot of useful informations in, maybe you could find here a user who use the same router as you : http://forums.proftpd.org/phpBB2/
-
Re: HOWTO : Create a FTP server with user access (proftpd)
The link above doesn't work, I'll start at their main page.
I do have the router set to port 1980, changed it back to 21 and got the same error.
I looked at the ftp.log and found the router is passing the request through but the file list isn't coming through.
138.88.144.129 UNKNOWN nobody [10/Jan/2006:10:48:12 -0500] "USER steve" 331 -
138.88.144.129 UNKNOWN userftp [10/Jan/2006:15:48:12 +0000] "PASS (hidden)" 230 -
138.88.144.129 UNKNOWN userftp [10/Jan/2006:15:48:12 +0000] "SYST" 215 -
138.88.144.129 UNKNOWN userftp [10/Jan/2006:15:48:12 +0000] "TYPE I" 200 -
138.88.144.129 UNKNOWN userftp [10/Jan/2006:15:48:12 +0000] "PWD" 257 -
138.88.144.129 UNKNOWN userftp [10/Jan/2006:15:48:12 +0000] "PASV" 227 -
138.88.144.129 UNKNOWN userftp [10/Jan/2006:15:50:13 +0000] "PASV" 227 -
I have the permissions set as you said to set them.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
No progress...
Everything set to port 1980 (router, conf & gftp)
From the router log when attempting to gftp in from same machine:
Tues, 01/10/2006 09:48:17 - UDP packet dropped - Source:221.1.204.254, 45006, WAN - Destination:138.88.144.129, 1027, LAN - 'Suspicious UDP Data'
Tues, 01/10/2006 09:50:23 - TCP connection dropped - Source:138.88.28.18, 2770, WAN - Destination:138.88.144.129, 445, LAN - 'SMB'
From the debug log:
Jan 10 07:36:22 localhost kernel: [4718395.530000] ppdev0: registered pardevice
Jan 10 07:36:22 localhost kernel: [4718395.571000] ppdev0: unregistered pardevice
Jan 10 07:36:22 localhost kernel: [4718395.571000] ppdev1: claim the port first
Jan 10 07:36:22 localhost kernel: [4718395.571000] ppdev2: claim the port first
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by jbinc1
I've been doing some testing on gftpd. I had problems installing from source. First, you have to make sure you have a c compiler installed. Next, it seems the the source is broken. I've tried everything I could think of to get it to work.
I think you might need the Development files for GTK
I Installed libgtk2.0-dev (Development files for the GTK+ library) from Synaptic Package Manager and I was able to install from source.
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by frodon
1. Generally only the config files are installed in the home directory because it defines specific setting for your user and only your user.
2. To run gproftpd as root, use this command in a terminal :
3. Up to you ;)
But even if you're new to linux you don't inevitably need a GUI, especially if you use often your server. Also if you just want a GUI to see the traffic on your ftp server the "ftptop" command is enough.
However i planed to write a short guide in the next 3 weeks for Gproftpd if it's needed.
So if you finally use Gproftpd and enjoy using it don't forget to tell me.
1. I am pritty sure it is all installed it in the home directory as the etc and src directors are in there. I used the command $./Autoinstall it listed on the site. What is the correct way to install it, and do I have to uninstall the old one? Dose linux have a registry or am I correct in saying it just uses config files.
2. so that what sudo does:D
3. Umm thanks:)
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by BlueIce
1What is the correct way to install it
For me the correct way to install it is to follow the instructions of the web site and just replace the final command (sudo make install) by :
Code:
sudo checkinstall -D
checkinstall is a tool (you can find it in synaptic) which allow you to create a .deb of the sources and install the software with all the needed informations to see it in synaptic and therefore uninstall it easily.
If you didn't use checkinstall and want to use it i think this command (in the gproftpd source directory) will uninstall gproftpd :
Code:
sudo make uninstall
-
Re: HOWTO : Create a FTP server with user access (proftpd)
It all looks good now.
thank you heaps for your help:D
-
Re: HOWTO : Create a FTP server with user access (proftpd)
For those who want to use the proftpd GUI, i updated the HOWTO with some short instructions and a .deb of the latest version.
After some tests, i found that gproftpd is not so bad but a little bit annoying for advanced users because the GUI is able to create directories and system users (you need to run it as root) and it's less secure (it's just my opinion ;) )
-
Re: HOWTO : Create a FTP server with user access (proftpd)
Is there a way i can manage this server via php on my apache2 server?
-
Re: HOWTO : Create a FTP server with user access (proftpd)
alright mine is really wierd. I can get proftpd to start. However, when i try to access it from another computer, it asks for my username and password. I put it in and press enter. It searches for something then comes back with the login window, how do i fix this? Here is my proftpd config.
Quote:
#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
ServerName "OnDemand"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"
DenyFilter \*.*/
DefaultRoot ~
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd off
# Uncomment this if you would use TLS module:
#TLSEngine on
# Uncomment this if you would use quota module:
#Quotas on
# Uncomment this if you would use ratio module:
#Ratios on
# Port 21 is the standard FTP port.
Port 21
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User admin
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Delay engine reduces impact of the so-called Timing Attack described in
#
http://security.lss.hr/index.php?pag...LSS-2004-10-02
# It is on by default.
#DelayEngine off
# A basic anonymous configuration, no upload directories.
# <Anonymous ~ftp>
# User ftp
# Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>