So how would one go about changing how the page is displayed when accessing a site via web browser ftp://domain.com, is there anyway to dress it up to make it look nicer than an apache directory listing?
So how would one go about changing how the page is displayed when accessing a site via web browser ftp://domain.com, is there anyway to dress it up to make it look nicer than an apache directory listing?
I am trying to accomplish the same thing as this but my info is below
Group: Officer
User: Chaser
Directory
/home/field1/field2/field3
I added the group using
#sudo groupadd Officers
and added the user using
# sudo useradd -d /home/field1/field2/field3 -g Officers Chaser
I then set Chasers Password using
# sudo passwd Chaser
I then restarted the vsftpd service using
# service vsftpd restart
I tried connecting to my FTP (Filezilla) using the IP and port I set (I'm already using port 21) and this is what i have returned to me.
"Connection attempt failed with "ECONNREFUSED - Connection refused by server"."
What might i be doing wrong?
When you add a user, it is always good to do a reboot before attempting an ftp or other login.
First, verify the server has stayed running after restart
Make sure it has the same PID # as it did when you issued a restart.Code:j@jslay:~$ sudo service vsftpd restart [sudo] password for j: vsftpd stop/waiting vsftpd start/running, process 9767 jjslay:~$ sudo service vsftpd status vsftpd start/running, process 9767
Verify it is listening on your given port #
Code:sudo netstat -lnptu | grep vsftpd tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 9767/vsftpd
Check to make sure that user has a shell assigned. Even if it is /bin/dummy
Code:getent passwd Chaser | cut -d: -f7
If no shell has been defined, define one.
Add this line to the endCode:sudo vim /etc/shells
Save.Code:/bin/dummy
Mod the user's shell
Reboot the box and try again.Code:sudo usermod -s /bin/dummy Chaser
Last edited by Justin_Slay; August 20th, 2014 at 01:54 AM.
followed your tutorial, but receiving "GnuTLS Error -15" ...
I tried to disable ssl_enable and found out whats happening... the server can't handle the user configs!
I have to remove everything except for local_root and guest_username .... So what now? How to handle the user rights from here? Seems like either your tutorial is way too outdated or sth is still wrong on my side...Code:write_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES anon_upload_enable=YES local_root=/home/work chroot_local_user=YES dirlist_enable=YES download_enable=YES guest_username=workers
EDIT: Looks like that the specific virtual user configs are not allowed to overwrite the vsftpd.conf ... thats why I am receiving errors like
500 OOPS: bad bool value in config file for: write_enable
500 OOPS: bad bool value in config file for: chroot_local_user
.....
EDIT2: Resolved the problem by removing trailing spaces after each line
Last edited by Flauschie; August 25th, 2014 at 11:23 AM.
thank you epimeteo!
is there a way to limit specific commands such as mkdir or rm?
i see cmds_allowed and cmds_deny for vsftpd.conf, however they look ftp command related.
is there away to disable the subsystem commands that are avail with sftp ?
sftp> ?
Available commands:
bye Quit sftp
cd path Change remote directory to 'path'
chgrp grp path Change group of file 'path' to 'grp'
chmod mode path Change permissions of file 'path' to 'mode'
chown own path Change owner of file 'path' to 'own'
df [-hi] [path] Display statistics for current directory or
filesystem containing 'path'
exit Quit sftp
get [-P] remote-path [local-path] Download file
help Display this help text
lcd path Change local directory to 'path'
lls [ls-options [path]] Display local directory listing
lmkdir path Create local directory
ln oldpath newpath Symlink remote file
lpwd Print local working directory
ls [-1aflnrSt] [path] Display remote directory listing
lumask umask Set local umask to 'umask'
mkdir path Create remote directory
progress Toggle display of progress meter
put [-P] local-path [remote-path] Upload file
pwd Display remote working directory
quit Quit sftp
rename oldpath newpath Rename remote file
rm path Delete remote file
rmdir path Remove remote directory
symlink oldpath newpath Symlink remote file
version Show SFTP version
!command Execute 'command' in local shell
! Escape to local shell
? Synonym for help
sftp>
Edit: never mind, wrong package...
Yes, but it's more technical and depends on which version of OpenSSH server you are running, it's only in 6.5 and later. You can see a list of the requests which you can allow or block using -Q with the stand-alone sftp-server:
Then use -p or -P to whitelist or blacklist them in sshd_config with the Subsystem directive. It will take a bit of verbose log watching to work out what is allowed.Code:/usr/lib/sftp-server -Q requests
Code:Subsystem sftp internal-sftp -p foo,bar -l VERBOSE
Bookmarks