Hi, I have problems with vsftpd installing ISPconfig with debian sarge 3.1 the installation was correct but web-ftp don´t works when i put user and pass the ispconfig display this message: " Ha ocurrido el siguiente error: Could not connect as user web1_admin Next >> " and when i release this "next" it returns to login page. I try a lot of times but unfortunely each one, with other users, other passwords... not work´s can you help me please? thanks a lot !!
Did you enable FTP on the "Basis" tab of this web site? Does the login work if you use an FTP client like SmartFTP or WS_FTP?
Yes, I enable it. I try to login by one ftp client type SmartFTP DeluxeFTP or trought console, but don´t work. in console the message is : ftp> open 62.14.109.xxx Connected to 62.14.109.xxx 220 (vsFTPd 2.0.3) Name (62.14.109.xxx:tete): web1_admin 530 This FTP server is anonymous only. Login failed. ftp> close 221 Goodbye. ftp> open 62.14.109.xxx Connected to 62.14.109.xxx. 220 (vsFTPd 2.0.3) Name (62.14.109.xxx:tete): anonymous 331 Please specify the password. Password: 500 OOPS: cannot change directory:/home/ftp Login failed. ftp> and yes, the directory /home/ftp not exists maybe i have to create it? in my config of ispconfig i choose /var/www for apache, i don´t know if i have to create this directory or not. thank you very very much and please excuse-me for my bad english
FTP users in ISPConfig where normally chrooted to their home directory, so a user web1_admin can not change to /home/ftp. The home directory of the user web1_admin is /home/www/web1/ or /var/www/web1/ if you checked the administrator checkbox for this user. Why do you want to change to /home/ftp? This directory is not used by an ISPConfig hosting server?
ok, th ISPConfig has created 4 .conf for vsftpd vsftpd_127.0.0.1.conf vsftpd_172.26.0.xxx.conf vsftpd_62.14.109.xxx.conf and the vsftpd.conf here is : # Example config file /etc/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # # Run standalone? vsftpd can run either from an inetd or as a standalone # daemon started from an initscript. listen=YES # # Run standalone with IPv6? # Like the listen parameter, except vsftpd will listen on an IPv6 socket # instead of an IPv4 one. This parameter and the listen parameter are mutually # exclusive. #listen_ipv6=YES # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES # # Uncomment this to allow local users to log in. #local_enable=YES # # Uncomment this to enable any form of FTP write command. #write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) #local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. #anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. #anon_mkdir_write_enable=YES # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # Activate logging of uploads/downloads. xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # You may override where the log file goes if you like. The default is shown # below. #xferlog_file=/var/log/vsftpd.log # # If you want, you can have your log file in standard ftpd xferlog format #xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that turning on ascii_download_enable enables malicious remote parties # to consume your I/O resources, by issuing the command "SIZE /big/file" in # ASCII mode. # These ASCII options are split into upload and download because you may wish # to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), # without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be # on the client anyway.. #ascii_upload_enable=YES #ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd.banned_emails # # You may restrict local users to their home directories. See the FAQ for # the possible risks in this before using chroot_local_user or # chroot_list_enable below. #chroot_local_user=YES # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd.chroot_list # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES # # # Debian customization # # Some of vsftpd's settings don't fit the Debian filesystem layout by # default. These settings are more Debian-friendly. # # This option should be the name of a directory which is empty. Also, the # directory should not be writable by the ftp user. This directory is used # as a secure chroot() jail at times vsftpd does not require filesystem # access. secure_chroot_dir=/var/run/vsftpd # # This string is the name of the PAM service vsftpd will use. pam_service_name=vsftpd # # This option specifies the location of the RSA certificate to use for SSL # encrypted connections. rsa_cert_file=/etc/ssl/certs/vsftpd.pem well, if you want I paste the other tree... thank you a lot
Can't connect using VSFTP I installed vsftpd and seems to be running, when I try to connect using SFTP I get an error not able to connect that the server doesnt respond if I do regular FTP it connects fine is there something I can look at I see that I have port 20 in the config of vsftpd using ISPCONFIG control panel I open this port and still no luck. Does anyone have an idea in what could be the problem? Thank you in advance.
SFTP is handled by your SSH daemon and not by vsftpd. You will have to enable shell access for users that shall use sftp, but I dont recommend that unless you use chrooted SSH accounts.
Vsftpd - ispconfig web-ftp Helo, to use vsftpd and WEB-ftp you can edit /etc/vsftpd.conf. Change to: anonymous_enable=NO write_enable=YES local_enable=YES chroot_local_user=YES restart vsftpd (ispconfig_tcp...) It worked for me. With chroot yuo get little more security too. ___________________ Pelle
I'm having the same problem. I'm still getting the error "This FTP server is anonymous only". It seems to me that vsftpd isn't even reading the changes I make in vsftpd.conf, even though I've tried restarting the service, and even stopping and restarting manually. Can anyone offer any further help on this please? Below I have posted the contents of my vsftpd.conf file. ---------------------------- # Example config file /etc/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # # Run standalone? vsftpd can run either from an inetd or as a standalone # daemon started from an initscript. listen=YES # # Run standalone with IPv6? # Like the listen parameter, except vsftpd will listen on an IPv6 socket # instead of an IPv4 one. This parameter and the listen parameter are mutually # exclusive. #listen_ipv6=YES # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=NO # # Uncomment this to allow local users to log in. local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) #local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. #anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. #anon_mkdir_write_enable=YES # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # Activate logging of uploads/downloads. xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # You may override where the log file goes if you like. The default is shown # below. #xferlog_file=/var/log/vsftpd.log # # If you want, you can have your log file in standard ftpd xferlog format #xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that turning on ascii_download_enable enables malicious remote parties # to consume your I/O resources, by issuing the command "SIZE /big/file" in # ASCII mode. # These ASCII options are split into upload and download because you may wish # to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), # without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be # on the client anyway.. #ascii_upload_enable=YES #ascii_download_enable=YES # # You may fully customise the login banner string: ftpd_banner=Welcome to Luggage's FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd.banned_emails # # You may restrict local users to their home directories. See the FAQ for # the possible risks in this before using chroot_local_user or # chroot_list_enable below. chroot_local_user=YES # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd.chroot_list # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES # # # Debian customization # # Some of vsftpd's settings don't fit the Debian filesystem layout by # default. These settings are more Debian-friendly. # # This option should be the name of a directory which is empty. Also, the # directory should not be writable by the ftp user. This directory is used # as a secure chroot() jail at times vsftpd does not require filesystem # access. secure_chroot_dir=/var/run/vsftpd # # This string is the name of the PAM service vsftpd will use. pam_service_name=vsftpd # # This option specifies the location of the RSA certificate to use for SSL # encrypted connections. rsa_cert_file=/etc/ssl/certs/vsftpd.pem
No, I get no errors. I only get the "anonymous only" error when I try to connect to the service over ftp from either the local terminal or an ftp program in Windows (SmartFTP). Below, I have posted the output of netstat -tap... ---------------------------------------------- Luggage:/etc# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost:2208 *:* LISTEN 2259/hpiod tcp 0 0 *:imaps *:* LISTEN 2649/inetd tcp 0 0 *:nfs *:* LISTEN - tcp 0 0 *:afpovertcp *:* LISTEN 2595/afpd tcp 0 0 *:swat *:* LISTEN 2649/inetd tcp 0 0 *:netbios-ssn *:* LISTEN 2658/smbd tcp 0 0 *op3 *:* LISTEN 2649/inetd tcp 0 0 *:imap2 *:* LISTEN 2649/inetd tcp 0 0 *:sunrpc *:* LISTEN 1943/portmap tcp 0 0 localhost:51152 *:* LISTEN 2262/python tcp 0 0 *:auth *:* LISTEN 2649/inetd tcp 0 0 *:ftp *:* LISTEN 4115/vsftpd tcp 0 0 Luggage.local:domain *:* LISTEN 2209/named tcp 0 0 *:693 *:* LISTEN 2634/rpc.mountd tcp 0 0 localhost:domain *:* LISTEN 2209/named tcp 0 0 localhost:ipp *:* LISTEN 2405/cupsd tcp 0 0 localhost:smtp *:* LISTEN 2568/exim4 tcp 0 0 localhost:953 *:* LISTEN 2209/named tcp 0 0 *:33627 *:* LISTEN 2743/rpc.statd tcp 0 0 localhost:4700 *:* LISTEN 2597/cnid_metad tcp 0 0 *:microsoft-ds *:* LISTEN 2658/smbd tcp 0 0 *:55966 *:* LISTEN - tcp 0 0 Luggage.local:56029 jc-in-f99.google.co:www ESTABLISHED4028/firefox-bin tcp 0 0 Luggage.local:60420 84.53.178.27:www ESTABLISHED4028/firefox-bin tcp 0 0 Luggage.local:57891 84.53.178.49:www ESTABLISHED4028/firefox-bin tcp 0 0 Luggage.local:56477 nf-in-f164.google.c:www ESTABLISHED4028/firefox-bin tcp 0 0 Luggage.local:43254 84.53.178.40:www ESTABLISHED4028/firefox-bin tcp6 0 0 *:www *:* LISTEN 2822/apache2 tcp6 0 0 *:domain *:* LISTEN 2209/named tcp6 0 0 ip6-localhost:953 *:* LISTEN 2209/named
Please make sure that you select "vsftpd" in ISPConfig under management > server > settings on the ftp tab.
Sorry, but where is this option? If it's meant to be in the system menu I can't see it. If it's any help I'm running Debian Linux under KDE 3.5. [EDIT] OK I had a look and found I did not have ISPConfig installed on my system. After following instructions to install it on howtoforge, I went to 127.0.0.1:81 and logged in. I found the option "management > server > settings > ftp tab" and indeed VS-FTP was already selected, and the conf file was identified to be in "/etc/vsftpd.conf" (which is correct). I applied the settings again anyway and also restarted vsftpd but unfortunately I still can't log onto the FTP server with an actual user and it keeps insisting that its anonymous only. Can anyone suggest anything else?
Ahh! Got it working! BTW To answer your question, yes I made the user in ISPConfig. The problem was that I wasn't restarting the service properly. In the terminal, I was running: Code: #service vsftpd restart ...when really I should've been running... Code: /etc/init.d/vsftpd restart However, to re-answer a previous question, I do get errors when I restart the service: How can I resolve this little error?
You're running the command from a directory which doesn't exist anymore (I assume it's the ISPConfig installation directory?). Go to an existing directory, and the warning disappears.
It seems to happen regardless of whichever directory I run it from. Nonetheless its working now. Thank you all for your help