ISPConfig 3.2 - FTP error

Discussion in 'Installation/Configuration' started by jhonatandiazp, Dec 2, 2021.

Page 1 of 2
  1. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    I am having a really hard time with the ftp service. I setup the multiserver ISPConfig and the FTP is not working correctly. I see that Filezilla WinsCP get connected but are unable to retrieved directory. Servers have public IPs not behind firewall. I am new with linux and the ispconfig.

    Status: Retrieving directory listing...
    Thanks
     
    jhonatandiazp, Dec 2, 2021
    #1
  2. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Jesse Norell, Dec 2, 2021
    #2
  3. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    Thank you for the response. I do not have any firewall between servers and internet. I did that without any luck. I added those passive ports to the conf file and in the ISPConfig web console. Still same problem.
     
    jhonatandiazp, Dec 2, 2021
    #3
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    till, Dec 2, 2021
    #4
  5. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Maybe your client isn't using passive mode? You'll have the same issue using active mode if you have a firewall or nat on your end which doesn't allow the active port connection - check that you're using passive mode, and if still an issue, see what debugging you can enable to trace what's going on better.
     
    Jesse Norell, Dec 2, 2021
    #5
  6. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Another solution to the "how to transfer files" issue that I prefer is to not use FTP at all, but SFTP or SCP; to do so, create a shell user for the site, rather than an ftp user. (I do keep FTP running for customers on most servers, but haven't needed/used it myself in years).
     
    Last edited: Dec 2, 2021
    Jesse Norell, Dec 2, 2021
    #6
  7. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    jhonatandiazp, Dec 2, 2021
    #7
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    In your current folder.
     
    till, Dec 2, 2021
    #8
  9. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    Here is the code of the report.
    Code:
    ##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Debian GNU/Linux 11 (bullseye)

[INFO] uptime:  12:13:59 up 23 days, 48 min,  1 user,  load average: 0.03, 0.03, 0.00

[INFO] memory:
               total        used        free      shared  buff/cache   available
Mem:            23Gi       1.8Gi        17Gi        43Mi       4.5Gi        21Gi
Swap:          7.9Gi          0B       7.9Gi

[INFO] systemd failed services status:
  UNIT LOAD ACTIVE SUB DESCRIPTION
0 loaded units listed.

[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.2.7p1


##### VERSION CHECK #####

[INFO] php (cli) version is 7.4.25
[INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.25

##### PORT CHECK #####

[WARN] Port 8080 (ISPConfig) seems NOT to be listening
[WARN] Port 143 (IMAP server) seems NOT to be listening
[WARN] Port 993 (IMAP server SSL) seems NOT to be listening
[WARN] Port 110 (POP3 server) seems NOT to be listening
[WARN] Port 995 (POP3 server SSL) seems NOT to be listening
[WARN] Port 465 (SMTP server SSL) seems NOT to be listening

##### MAIL SERVER CHECK #####

[WARN] I found no "submission" entry in your postfix master.cf
[INFO] this is not critical, but if you want to offer port 587 for smtp connections you have to en
able this.
[WARN] I found no "smtps" entry in your postfix master.cf
[INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have
to enable this.

##### RUNNING SERVER PROCESSES #####

[INFO] I found the following web server(s):
        Apache 2 (PID 545991)
[INFO] I found the following mail server(s):
        Postfix (PID 157669)
[WARN] I could not determine which pop3 server is running.
[WARN] I could not determine which imap server is running.
[INFO] I found the following ftp server(s):
        PureFTP (PID 550476)

##### LISTENING PORTS #####
(only           ()
Local           (Address)
***.***.***.***:60618           (555818/pure-ftpd)
[localhost]:11211               (122990/memcached)
***.***.***.***:45548           (555953/pure-ftpd)
***.***.***.***:19148           (555822/pure-ftpd)
***.***.***.***:31599           (555914/pure-ftpd)
***.***.***.***:64116           (555983/pure-ftpd)
[anywhere]:21           (550476/pure-ftpd)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
***.***.***.***:53              (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[localhost]:53          (157908/named)
[anywhere]:22           (600/sshd:)
[localhost]:953         (157908/named)
[localhost]:25          (157669/master)
***.***.***.***:17626           (555820/pure-ftpd)
*:*:*:*::*:3306         (157027/mariadbd)
*:*:*:*::*:80           (545991/apache2)
*:*:*:*::*:8081         (545991/apache2)
*:*:*:*::*:21           (550476/pure-ftpd)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::*:53           (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::**:*:*:*::*53          (157908/named)
*:*:*:*::*:22           (600/sshd:)
*:*:*:*::*:25           (157669/master)
*:*:*:*::*:953          (157908/named)
*:*:*:*::*:443          (545991/apache2)




##### IPTABLES #####
Chain INPUT (policy DROP)
target     prot opt source               destination
f2b-pure-ftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0
ufw-before-input  all  --  [anywhere]/0            [anywhere]/0
ufw-after-input  all  --  [anywhere]/0            [anywhere]/0
ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0
ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0
ufw-track-input  all  --  [anywhere]/0            [anywhere]/0

Chain FORWARD (policy DROP)
target     prot opt source               destination
ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0
ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0
ufw-before-output  all  --  [anywhere]/0            [anywhere]/0
ufw-after-output  all  --  [anywhere]/0            [anywhere]/0
ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0
ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0
ufw-track-output  all  --  [anywhere]/0            [anywhere]/0

Chain f2b-pure-ftpd (1 references)
target     prot opt source               destination
RETURN     all  --  [anywhere]/0            [anywhere]/0

Chain f2b-sshd (1 references)
target     prot opt source               destination
REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachab
le
REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachab
le
RETURN     all  --  [anywhere]/0            [anywhere]/0

Chain ufw-after-forward (1 references)
target     prot opt source               destination

Chain ufw-after-input (1 references)
target     prot opt source               destination
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match
dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG
flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG
flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
target     prot opt source               destination

Chain ufw-after-output (1 references)
target     prot opt source               destination

Chain ufw-before-forward (1 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0

Chain ufw-before-input (1 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
ufw-not-local  all  --  [anywhere]/0            [anywhere]/0
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
ufw-user-input  all  --  [anywhere]/0            [anywhere]/0

Chain ufw-before-logging-forward (1 references)
target     prot opt source               destination

Chain ufw-before-logging-input (1 references)
target     prot opt source               destination

Chain ufw-before-logging-output (1 references)
target     prot opt source               destination

Chain ufw-before-output (1 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
ufw-user-output  all  --  [anywhere]/0            [anywhere]/0

Chain ufw-logging-allow (0 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG
flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw-logging-deny (2 references)
target     prot opt source               destination
RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/m
in burst 10
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG
flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-not-local (1 references)
target     prot opt source               destination
RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTIC
AST
RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADC
AST
ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst
10
DROP       all  --  [anywhere]/0            [anywhere]/0

Chain ufw-reject-forward (1 references)
target     prot opt source               destination

Chain ufw-reject-input (1 references)
target     prot opt source               destination

Chain ufw-reject-output (1 references)
target     prot opt source               destination

Chain ufw-skip-to-policy-forward (0 references)
target     prot opt source               destination
DROP       all  --  [anywhere]/0            [anywhere]/0

Chain ufw-skip-to-policy-input (7 references)
target     prot opt source               destination
DROP       all  --  [anywhere]/0            [anywhere]/0

Chain ufw-skip-to-policy-output (0 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0

Chain ufw-track-forward (1 references)
target     prot opt source               destination

Chain ufw-track-input (1 references)
target     prot opt source               destination

Chain ufw-track-output (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW

Chain ufw-user-forward (1 references)
target     prot opt source               destination

Chain ufw-user-input (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:20
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
ACCEPT     tcp  --  ***.***.***.***/24        [anywhere]/0            tcp dpt:3306
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 40110:40210

Chain ufw-user-limit (0 references)
target     prot opt source               destination
LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG f
lags 0 level 4 prefix "[UFW LIMIT BLOCK] "
REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreacha
ble

Chain ufw-user-limit-accept (0 references)
target     prot opt source               destination
ACCEPT     all  --  [anywhere]/0            [anywhere]/0

Chain ufw-user-logging-forward (0 references)
target     prot opt source               destination

Chain ufw-user-logging-input (0 references)
target     prot opt source               destination

Chain ufw-user-logging-output (0 references)
target     prot opt source               destination

Chain ufw-user-output (1 references)
target     prot opt source               destination




##### LET'S ENCRYPT #####
acme.sh is installed in /root/.acme.sh/acme.sh
     
    jhonatandiazp, Dec 2, 2021
    #9
  10. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    This will be for the WinSCP. I see something strange. How is said not such file or directory? I created a client in the ISPConfig panel and I added this ftp account so I can try.
    Code:
    2021-12-02 12:27:37.873 USER jdiazftp
< 2021-12-02 12:27:37.874 331 User jdiazftp OK. Password required
> 2021-12-02 12:27:37.874 PASS ********************
< 2021-12-02 12:27:37.911 230 OK. Current restricted directory is /
> 2021-12-02 12:27:37.911 SYST
< 2021-12-02 12:27:37.919 215 UNIX Type: L8
> 2021-12-02 12:27:37.919 FEAT
< 2021-12-02 12:27:37.927 211-Extensions supported:
< 2021-12-02 12:27:37.927  UTF8
< 2021-12-02 12:27:37.927  EPRT
< 2021-12-02 12:27:37.927  IDLE
< 2021-12-02 12:27:37.927  MDTM
< 2021-12-02 12:27:37.927  SIZE
< 2021-12-02 12:27:37.927  MFMT
< 2021-12-02 12:27:37.927  REST STREAM
< 2021-12-02 12:27:37.927  MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
< 2021-12-02 12:27:37.927  MLSD
< 2021-12-02 12:27:37.927  PRET
< 2021-12-02 12:27:37.927  AUTH TLS
< 2021-12-02 12:27:37.927  PBSZ
< 2021-12-02 12:27:37.927  PROT
< 2021-12-02 12:27:37.927  ESTA
< 2021-12-02 12:27:37.927  PASV
< 2021-12-02 12:27:37.927  EPSV
< 2021-12-02 12:27:37.927  SPSV
< 2021-12-02 12:27:37.927  ESTP
< 2021-12-02 12:27:37.927 211 End.
> 2021-12-02 12:27:37.951 OPTS UTF8 ON
< 2021-12-02 12:27:37.959 504 Unknown command
. 2021-12-02 12:27:37.971 Connected
. 2021-12-02 12:27:37.971 --------------------------------------------------------------------------
. 2021-12-02 12:27:37.971 Using FTP protocol.
. 2021-12-02 12:27:37.972 Doing startup conversation with host.
> 2021-12-02 12:27:37.986 PWD
< 2021-12-02 12:27:37.994 257 "/" is your current location
. 2021-12-02 12:27:37.994 Changing directory to "/home/jdsupport".
> 2021-12-02 12:27:37.994 CWD /home/jdsupport
< 2021-12-02 12:27:38.003 550 Can't change directory to /home/jdsupport: No such file or directory
. 2021-12-02 12:27:38.003 Getting current directory name.
. 2021-12-02 12:27:38.059 Retrieving directory listing...
> 2021-12-02 12:27:38.059 TYPE A
< 2021-12-02 12:27:38.066 200 TYPE is now ASCII
> 2021-12-02 12:27:38.067 PASV
< 2021-12-02 12:27:38.074 227 Entering Passive Mode (72,80,12,41,30,56)
> 2021-12-02 12:27:38.074 MLSD
. 2021-12-02 12:27:38.074 Connecting to 72.80.12.41:7736 ...
     
    jhonatandiazp, Dec 2, 2021
    #10
  11. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Your username is 'jdiazftp', try changing to /home/jdiazftp (not /home/jdsupport).
     
    Jesse Norell, Dec 2, 2021
    #11
  12. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    I believe that it is my problem. I created my fist client and his first site. Then, I created the ftp user account so I can test it. There is not any home directory for the ftp user account. How is suppose to upload files to build the site?
     
    jhonatandiazp, Dec 2, 2021
    #12
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    That's exactly as it should be.

    The website directory is "web". I guess you just entered the wrong directory name in your FTP client. Check your FTP client settings, find the field where you entered /home/jdsupport and replace it with / or /web
     
    till, Dec 2, 2021
    #13
  14. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    I tried with / and /web. I am still getting the same error. So my question. When I created the site for hte client and the ftp account. The ftp account is not suppose to have read/write access to the web site location of the client. I never have this problem before with the ISPConfig. Is my third installation.
     
    jhonatandiazp, Dec 2, 2021
    #14
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    An FTP account has always read and write access to the directory with the name 'web' that is inside the / folder of your FTP user and this 'web' folder is the place where you upload your website files to.

    Set the directory to / in your FTP client, then connect and post the connect log that you get now.
     
    till, Dec 2, 2021
    #15
  16. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Did you change the 'Directory' under ftp user options, or why would you expect it to not have access?
     
    Jesse Norell, Dec 2, 2021
    #16
  17. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    Yes, I did change it to / still getting the same error. Sorry, what I means is that the FTP user account is suppose to have access to the web directory. I do not know if the problem is the web server installation or something else. I do not want to re install it again.

    Thanks
     
    jhonatandiazp, Dec 2, 2021
    #17
  18. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    Code:
    root@web01:~# ls -la /var/www/clients/client3/web6/
total 40
drwxr-xr-x 10 root root    4096 Dec  2 09:25 .
drwxr-xr-x  3 root root    4096 Dec  2 09:25 ..
drwxr-xr-x  2 web6 client3 4096 Dec  2 09:25 cgi-bin
drwxr-xr-x  2 root root    4096 Dec  2 09:25 log
drwx--x---  2 web6 client3 4096 Dec  2 09:25 private
drwx------  2 web6 client3 4096 Dec  2 09:25 .ssh
drwxr-xr-x  2 root root    4096 Dec  2 09:25 ssl
drwxrwx---  2 web6 client3 4096 Dec  2 09:25 tmp
drwx--x--x  4 web6 client3 4096 Dec  2 09:25 web
drwx--x---  2 web6 client3 4096 Dec  2 09:25 webdav
     
    jhonatandiazp, Dec 2, 2021
    #18
  19. jhonatandiazp

    jhonatandiazp Member HowtoForge Supporter

    I ran that and I see that in ISPConfig Panel the
    User identifier (UID):web6 for the ftp user account. so It looks that permission are good. Correct?
     
    jhonatandiazp, Dec 2, 2021
    #19
  20. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Do what @till said in #15 and you might get some more info.
    Change that back, it decreases the security of your server and changes what you see when logged in.
     
    Jesse Norell, Dec 2, 2021
    #20
Page 1 of 2

Share This Page