Using ProFTPD or any other FTP server in Linux

[mr_daemon]

  Webgraph said:

Well thanks for that info. It finally worked with the user logins, so I don't have to hassle you all about this question anymore.

I just realised I might have been a bit of a dick here. My apologies for sounding harsh, I had less then two hours of sleep last night =/

[seethru]

well, even though it's too late I'm going to put my 2cents in and say glftpd is a great ftp server program, fairly easy to setup and from there the server is administered by logging into it and sending SITE commands.

[MulletRobZ]

Well I can't use GLFTPD unless if I uninstall ProFTPD. Also, I'm faced with another problem. I tried to send a link to some of my friends and it says that the link cannot be accessed. Anyone try Serv-U under CodeWeavers CrossOver Office or WINE? If it works, let me know so I can rid Slackware of ProFTPD and I'll just use that.

[MulletRobZ]

Speaking of glFtpD, is there a link for glFtpD 2 (not glftpd.org) for Slackware 9.0 with the .tgz extension? If not 2, just whatever is the latest release as a Slackware package.

Edit: And just to let you know, I did try using Google to look for this package, but without that much luck.

[+BudMan MVC]

Dude the latest version of glftpd is like 1.32 according to glftpd.com and or glftp.at - and their freshmeat project site http://freshmeat.net/projects/glftpd/

It would make sense that if there was a 2 version, it would be on one of these, how could you not find them? Do a look on google for glftpd and they are all on the first page.

As to a package file - I saw no packages for glftpd on slackware site, but there is a gftp 2 package - but this is only a ftp client! But there is a download for a 1.32 tgz file on the glftpd.com site. Did you get the idea that glftpd was in a 2 version from the gftp client? Here is a link to the tgz file http://freshmeat.net/redir/glftpd/3339/url...pd-LNX_1.32.tgz

You mention that you sent a link to your friends - and it did not work. Maybe linux FTP is just too much for you to understand?? You said you had it working.

I would guess it is possible that if they clicked on a link in IE it locked out the account? Ie has a tendency to send blank info a few times before it puts up the dialog for username and password, etc.. Do you even know if FTP is listening through your router? Whats your IP address?

[MulletRobZ]

  BudMan said:

Dude the latest version of glftpd is like 1.32 according to glftpd.com and or glftp.at - and their freshmeat project site http://freshmeat.net/projects/glftpd/

It would make sense that if there was a 2 version, it would be on one of these, how could you not find them? Do a look on google for glftpd and they are all on the first page.

As to a package file - I saw no packages for glftpd on slackware site, but there is a gftp 2 package - but this is only a ftp client! But there is a download for a 1.32 tgz file on the glftpd.com site. Did you get the idea that glftpd was in a 2 version from the gftp client? Here is a link to the tgz file http://freshmeat.net/redir/glftpd/3339/url...pd-LNX_1.32.tgz

You mention that you sent a link to your friends - and it did not work. Maybe linux FTP is just too much for you to understand?? You said you had it working.

I would guess it is possible that if they clicked on a link in IE it locked out the account? Ie has a tendency to send blank info a few times before it puts up the dialog for username and password, etc.. Do you even know if FTP is listening through your router? Whats your IP address?

Check your PM, BudMan. ;)

[MulletRobZ]

Ah drat. Yet another question. This time, I'm trying to do this in GProftpD on my Fedora Core 4 desktop and I'm behind a router. My router is already configured to read the FTP server through port 10 and I haven't been able to log in from another computer (via my dynamic DNS address). However, I could log in locally if I used 127.0.0.1 and the virtual FTP server (192.168.0.158). So what would I need to do here? I attached a ZIP file with my proftpd.conf file for more information.

Can't believe that after a year of not using Linux, I forget this valuable information.

proftpd.zipFetching info...

[+BudMan MVC]

Why in the world would you be using port 10? Most routers that will fix ftp port issues, only do so when when the standard control port of 21 is used.. And since you have this disabled;

#MasqueradeAddress None

If I connect to your server in passive mode its going to send back 192.168.0.158 - how and the world do you expect anyone to connect from the public net on that IP address?

Also - depending on where a user is connecting from - it is quite possible port 10 is blocked.. That is not a standard port.. why should a corp firewall allow outbound traffic on 10?

I would suggest you move to a STANDARD control port of 21 - unless your isp is blocking them, because your not suppose to be running servers.. if that is the case ;) Why are you?

You should configure MasqueradeAddress to reflect your public address.. Or tell your users to connect in ACTIVE mode.. PM your public IP, and some user details - and I'll take a look

[j79zlr]

Since you are using DynDNS, you should set the MasqueradeAddress variable in proftpd.conf to whatever your dyndns address is, e.g.

MasqueradeAddress ftp.yourserver.com

Why are you forwarding 16,000 ports for a passive range?

[MulletRobZ]

If I use port 21, the FTP server will not work. I already tried that. That is the reason why I have my FTP port set at 10. And as for the passive range, that's the default, which I haven't changed.

As for the masqueade address, even that is not giving me any luck.

[j79zlr]

Need more info, what error is the ftp client spitting out when it tries to connect to your server?

[MulletRobZ]

When I tried typing my public address in the address bar into Firefox and into GFtp, it simply times out. In Firefox, I get a message after 30 - 60 seconds saying "The operation timed out when trying to connect to (address)." In GFtp, it just hangs at "Essai de (address)" as I use French as the default language. Nothing is added to the /var/log/secure file when trying to connect via my public address.

[j79zlr]

Are you specifying port 10 in the address for firefox and for GFtp? Are you sure that port 10 is open and forwarded correctly from your LAN to WAN? Have you nmaped your server? Are you sure that proftpd is running?

[MulletRobZ]

nmaped? WTF is that about? I specified port 10 for both Firefox and for GFtp. Port 10 IS open because I had it working that way with Serv-U in Windows before, and proftpd IS running according to GProftpd.

[+BudMan MVC]

why would use the PUBLIC IP from a machine on your local lan? Connect using your private address to machines on your local lan.. Quite a few routers will not do loopback forwarding anyway..

I just PM you - your router is NOT forwarding 10 to anything dude..

Verify that your server works from a machine on your network -- before you every even think of setting up your router.. if your ftp server is 192.168.1.100.. then on another machine on your network.. say 192.168.101 you should be able to ftp to it.. from a command line it would be like this

C:\>ftp 192.168.1.2

Connected to 192.168.1.2.

220 (vsFTPd 2.0.3)

User (192.168.1.2:(none)):

since your running yours on port 10 -- why nobody knows? Cuz you could not make it work last time?? what does that have to do with now?

Your going to have to use some other ftp client -- cuz the windows console ftp can bet told to connect to a different port.. but you could verify that it is listening on that port with telnet..

telnet 192.168.1.? 10

I would highly suggest you run your ftp server on the standard port 21.. if for some strange reason your ISP blocks this.. then forward port 10 to port 21 at your router..

[+BudMan MVC]

in answer to your PM dude..

RIGHT from the proftpd docs

http://www.proftpd.org/localsite/Userguide/linked/x862.html

Then add the directive "MasqueradeAddress" in your etc/proftpd.conf

file to define the public name or IP address of the NAT:

MasqueradeAddress ftp.mydomain.com

-or-

MasqueradeAddress 123.45.67.89

http://www.proftpd.org/localsite/Userguide...ultAddress.html

DefaultAddress [ dns-name|ip-address]

# We want the main server instance to listen on a specific IP

DefaultAddress 192.168.10.30

where do you get that this should be "ON"???

http://www.proftpd.org/localsite/Userguide...ServerName.html

ServerName -- Configure the name displayed to connecting users

ServerName [ ServerName "name"]

WTF kind of name is what you have? ServerName "0.0.0.0"

make it more like ServerName "Webgraphs FTP Server"

http://www.proftpd.org/localsite/Userguide...g_ref_Bind.html

Bind -- Bind the server or Virtualhost to a specific IP address

Bind [ IP address]

Where does it STATE that it could be 0.0.0.0??

As to your netstat - that is your machine trying to connect from port 10 to port 46694

you should see something like this

Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN 

This means that your server is LISTENING on all addresses "127.0.0.1 and in my case 192.168.1.2"

on port 21 and that any foreign adddress from any PORT can connect to it.

Also - why would you EVER connected to your public "natted" address from your INSIDE network? Use the local addresses to connect to.. and if using ftp to a LOCAL server on your private lan.. why would you NOT use ACTIVE vs PASSIVE.. your ftp server is behind a NAT firewall.. so if you connect in passive mode.. the ftp server will tell you to connect to its PUBLIC IP address.. which depending on your router - you may NOT be able to do.. and for sure as heck will be slower having to bounce off your routers outside interface to connect to a machine that is right next to you..

I really do not undestand the difficulty here.. FC4, out of the box has vsftpd -- just turn it on and it works! ;) Is that your problem? Do you have another ftpd running on port 21?

Dude if you could give me like 10 minutes connected to this thing - we could have it working ;)

[MulletRobZ]

OK. Pardon me for being so hasty with this, but I was getting so frustrated. As for those errors you found with my configuration, that's how GProftpd sets their layout for some stupid reason. So I erased virtually the whole file and started over, including changing the port to 21 on the router and on the config file. Here is what I got for code so far.

ServerName              "Webgraph's  FTP Server"
ServerType              standalone
DefaultAddress          192.168.0.158
Port                    21
PassivePorts            60000 65535
MasqueradeAddress       webgraph.serveftp.net
MaxInstances            30
MaxLoginAttempts        3
TimeoutStalled          300
DisplayLogin            welcome.msg
DisplayFirstChdir       .message
User                    ftp
Group                   ftp

<Anonymous /home/ftp/campus>

  # Allow logins if they are disabled above.
  <Limit LOGIN>
    AllowAll
  </Limit>

  AnonRequirePassword           no

  # Maximum clients with message
  MaxClients                    5 "Sorry, max %m users -- try again later"

  User                          ftp
  Group                         ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

</Anonymous>

Now, when I try to log in by Mozilla Firefox or by GFtp, I get a 530 Error (Login Incorrect). At least I know I was wrong that port 21 doesn't work for FTP in Linux. I ended up getting this error before when I was redoing the Serv-U program for the router when I still has Windows XP. Would I have to change the line for anonymous in the /etc/passwd file so the x after anonymous is removed and thus, two colons follow anonymous? Or is it some other problem?

[+BudMan MVC]

well I was able to connect from remote - but it is not allowing anonymous access.. I do not have another account to try with..

Your going to have to read through the docs on how to setup user auth.. I would suggest you read thru the FAQ on this - I do believe it uses PAM by default..

http://www.proftpd.org/docs/faq/linked/faq-ch7.html

[MulletRobZ]

F***! I can't figure this crap out! I tried those suggestions and I'm still getting that darn error! Why does configuring FTP in Linux have to be such a pain in the rear end?

And yes, I checked the /etc/pam.d/ftp and that line, which should be commented out, has been since the start.

If you need to check other files for the problem, please let me know.

Edited July 13, 2005 by Webgraph

[j79zlr]

You're making it that hard, have you added a user/group ftp? Since I would assume you are not giving them a login shell, set the RequireValidShell to off.

ServerName              "Webgraph's  FTP Server"
ServerType              standalone
DefaultAddress          192.168.0.158
Port                    21
PassivePorts            60000 65535
MasqueradeAddress       webgraph.serveftp.net
MaxInstances            30
MaxLoginAttempts        3
TimeoutStalled          300
DisplayLogin            welcome.msg
DisplayFirstChdir       .message
User                    ftp
Group                   ftp

<Anonymous /home/ftp/campus>

 # Allow logins if they are disabled above.
 <Limit LOGIN>
   AllowAll
 </Limit>

 AnonRequirePassword           no

 # Maximum clients with message
 MaxClients                    5 "Sorry, max %m users -- try again later"

 User                          ftp
 Group                         ftp
 # We want clients to be able to login with "anonymous" as well as "ftp"
 UserAlias                     anonymous ftp

 #### ADD THIS ####
 RequireValidShell	off
 ###############

 # Limit WRITE everywhere in the anonymous chroot
 <Limit WRITE>
   DenyAll
 </Limit>

</Anonymous>

[MulletRobZ]

The user ftp appears to be there, but I'm still getting that bloody 530 error, even with that line added. Isn't there a simpler program to use, as I need something that's idiot proof, sort of speak, but I can't tolerate using Windows.

[+BudMan MVC]

What does the proftpd run as - do you have it running as ftp? Dude I really fail to see why your having such issues.. As to simpler program to use - there are PLENTY of ftpd to choose from.. with your distro of FC4.. I do believe the default ftp server is vsftp.. start the freaking service is about all you should have to do... ;)

I have never had to spend more than like 2 minutes getting any ftp server running :rofl:

As to configuring proftp.. I am fairly sure that webmin has a proftp module.. If your looking for ease of admin on a linux box.. the first thing that should be installed is webmin.. ;) http://www.webmin.com

quite a few distros have it as an option package out of the box.

[MulletRobZ]

According to KSysGuard, it appears that proftpd runs as root by default. And I don't have a password set for the user "ftp" as it was "automatically created". So what would I do in this case?

[+BudMan MVC]

dude what exactly do you want this FTP server to do - what special setup do you require? Cuz to be honest, I just got proftpd up and running in like 30 seconds.. In a nutshell here are the steps.. Since I was running vsftp - I had to remove that first.. I am counting that in the 30 second time frame..

service vsftpd stop

Shutting down vsftpd: [ OK ]

yum remove vsftpd

Setting up Remove Process

Resolving Dependencies

--> Populating transaction set with selected packages. Please wait.

---> Package vsftpd.i386 0:2.0.3-1 set to be erased

<snipped>

Remove 1 Package(s)

Total download size: 0

Is this ok [y/N]: y

Removed: vsftpd.i386 0:2.0.3-1

Complete!

yum install proftpd

Total download size: 715 k

Is this ok [y/N]: y

Downloading Packages:

(1/1): proftpd-1.2.10-4.i 100% |=========================| 715 kB 00:04

Installed: proftpd.i386 0:1.2.10-4

Complete!

service proftpd start

Starting proftpd: - warning: AuthPAMAuthoritative is deprecated

[ OK ]

From another machine on my network..

Microsoft Windows [Version 5.2.3790]

© Copyright 1985-2003 Microsoft Corp.

C:\>ftp 192.168.1.2

Connected to 192.168.1.2.

220 FTP Server ready.

User (192.168.1.2:(none)): budman

331 Password required for budman.

Password:

230 User budman logged in.

ftp>

And then any changes I would need to make to the config - look at that simple, easy to use WEB interface using webmin

Your difficulty is really driving me batty - to be completely honest a retarded monkey on crack, working on 30 minutes of sleep for the last week, and playing tetris and doing his taxes could have a ftp server up an running in a few minutes..

If you could give me access to this server "ssh" I will have it up and running proftpd for you in a couple of minutes.. Or if you give me the details of EXACTLY what you want setup other than just a standard ftp server.. I will post a config for you - don't take too long.. since I like vsftpd more than proftpd.. but I will leave it up so I can help you work through your issues for now..

[MulletRobZ]

OK. I'll just say f*** it with ProFTPD and I'll retry vsftpd.

EDIT:

OK. It appears to be working, all right. But when I log in as anonymous in the console, nothing comes up when I type ls, even though that user's home directory is supposed to have some folders. But at least when I tried it in Firefox, I know where to store the files for anonymous mode.

And hey, at least I could log in locally for the user files. Sorry that I put you into so much hassle, BudMan, but thanks for letting me know which program NOT to use!

Edited July 14, 2005 by Webgraph