Setting up FTP access for clients

Discussion in 'Installation/Configuration' started by Jrdgames, Feb 23, 2006.

  1. Jrdgames

    Jrdgames New Member

    I am pointing them to my public IP, would you mind taking a look at this screenshot to see if it looks right?
    [IMG]
     
  2. falko

    falko Super Moderator Howtoforge Staff

    No, it's a redirect. Can you click on My Hosts -> Dynamic DNS and create a DNS record pointing to your server?
     
  3. Jrdgames

    Jrdgames New Member

    Thank you very much!!
    Here's an image of the DNS:
    [IMG]
    I didn't know that someone would offer DNS service for free, but it is working now, thank you. My website is now accessible @ runecore.selfip.com:82 as long as the :82 is on the end.
    Now I should be able to point a redirect to this address so that the port doesn't have to be remembered every time, right?
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Yes, you can do it like that.
     
  5. Jrdgames

    Jrdgames New Member

    Hmm, my friends can't seem to view my site, they get a timeout error, but I am able to see it. Can you see it?
     
  6. falko

    falko Super Moderator Howtoforge Staff

  7. Jrdgames

    Jrdgames New Member

    Then it must be an error on their end and not with my server.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, seems so. I can access it too and I have another network provider than falko :)
     
  9. Jrdgames

    Jrdgames New Member

    Nice to know it's not something wrong with my server, thanks for all your help guys.
     
  10. geek.de.nz

    geek.de.nz New Member

    FTP Access for clients

    I cannot get FTP access for clients working. It works in webftp, but not over gftp for example. User name and password don't match apparently. Do I set this for the client or the site? I didn't find the option for user data under site???

    To be honest, I found it almost easier to do it by command line, as I did already for a few people. Oh maybe it could be because I used http://www.howtoforge.com/proftpd_mysql_virtual_hosting before I installed ispconfig.

    Maybe this information helps:
    my /etc/proftpd.conf:
    Code:
    ServerName                      "myServer"
    ServerType                      standalone
    DeferWelcome                    off
    
    MultilineRFC2228                on
    DefaultServer                   on
    ShowSymlinks                    on
    
    TimeoutNoTransfer               600
    TimeoutStalled                  600
    TimeoutIdle                     1200
    
    DisplayLogin                    welcome.msg
    DisplayFirstChdir               .message
    ListOptions                     "-l"
    
    DenyFilter                      \*.*/
    
    Port                            21
    
    MaxInstances                    30
    
    User                            nobody
    Group                           nogroup
    
    Umask                           022  022
    
    AllowOverwrite 
    DefaultRoot ~
    
    
    SQLAuthTypes            Plaintext Crypt
    SQLAuthenticate         users* groups*
    
    
    # used to connect to the database
    # databasename@host database_user user_password
    SQLConnectInfo  ftp@localhost proftpd xxxxx
    
    
    # Here we tell ProFTPd the names of the database columns in the "usertable"
    # we want it to interact with. Match the names with those in the db
    SQLUserInfo     ftpuser userid passwd uid gid homedir shell
    
    # Here we tell ProFTPd the names of the database columns in the "grouptable"
    # we want it to interact with. Again the names match with those in the db
    SQLGroupInfo    ftpgroup groupname gid members
    
    # set min UID and GID - otherwise these are 999 each
    SQLMinID        500
    
    # create a user's home directory on demand if it doesn't exist
    SQLHomedirOnDemand on
    
    # Update count every time user logs in
    SQLLog PASS updatecount
    SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
    
    # Update modified everytime user uploads or deletes a file
    SQLLog  STOR,DELE modified
    SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
    
    # User quotas
    # ===========
    QuotaEngine on
    QuotaDirectoryTally on
    QuotaDisplayUnits Mb
    QuotaShowQuotas on
    
    SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
    
    SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
    
    SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
    
    SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
    
    QuotaLimitTable sql:/get-quota-limit
    QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
    
    RootLogin off
    RequireValidShell off
    
    
    Include /etc/proftpd_ispconfig.conf
    
    my /etc/proftpd_ispconfig.conf:
    Code:
    ###################################
    #
    # ISPConfig proftpd Configuration File
    #         Version 1.0
    #
    ###################################
    <VirtualHost 85.25.66.254>
            DefaultRoot             ~
            AllowOverwrite          on
            Umask                   002
            <Anonymous /home/www/web4/ftp>
              User                          web4_anonftp
              Group                         web4_anonftp
              UserAlias                     anonymous web4_anonftp
              UserAlias                     guest web4_anonftp
              MaxClients                    10
              <Directory *>
                <Limit WRITE>
                  DenyAll
                </Limit>
              </Directory>
              <Directory /home/www/web4/ftp/incoming>
                Umask                       002
                <Limit STOR>
                  AllowAll
                </Limit>
                <Limit READ>
                  DenyAll
                </Limit>
              </Directory>
            </Anonymous>
    </VirtualHost>
    
    Also, when I restart proftpd manually, I get the following:
    Code:
    #/etc/init.d/proftpd restart
    Restarting ProFTPD ftp daemon.proftpd.
    .. - warning: "ProFTPD" address/port (85.25.66.254:21) already in use by "myServer"
    proftpd.
     done.
    
    
    The user should be web2, but this is not even in the file, so where is the information about this client? How come web4 is there?

    The thing I like about ISPConfig though is the client management system and the easy email setup etc.
     
    Last edited: Mar 26, 2006
  11. falko

    falko Super Moderator Howtoforge Staff

    This setup is totally incompatible with ISPConfig! ISPConfig uses system users, not virtual users.
     
  12. geek.de.nz

    geek.de.nz New Member

    Well, OK, I decided to uninstall the proftpd-mysql package for this reason, but it still says, after I did:
    Code:
    #apt-get remove proftpd-mysql
    ...
    #apt-get install proftpd
    ...
    Starting ProFTPD ftp daemon:  - warning: "ProFTPD" address/port (85.25.66.254:21) already in use by "myServer"
    proftpd.
    
    Should I just ignore that warning or will ISPConfig not work that way?
     
  13. falko

    falko Super Moderator Howtoforge Staff

    You must reconfigure /etc/proftpd.conf and restart ProFTPd then.
     
  14. geek.de.nz

    geek.de.nz New Member

    I did that though.

    My /etc/proftpd.conf
    Code:
    #
    # /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    #
    
    #ServerName                     "Debian"
    ServerName                      "iHostNZ"
    ServerType                      standalone
    #ServerType                     inetd
    DeferWelcome                    off
    
    MultilineRFC2228                on
    DefaultServer                   on
    ShowSymlinks                    on
    
    TimeoutNoTransfer               600
    TimeoutStalled                  600
    TimeoutIdle                     1200
    
    DisplayLogin                    welcome.msg
    DisplayFirstChdir               .message
    ListOptions                     "-l"
    
    DenyFilter                      \*.*/
    
    # Uncomment this if you are using NIS or LDAP to retrieve passwords:
    #PersistentPasswd               off
    
    # Uncomment this if you would use TLS module:
    #TLSEngine                      on
    
    # Uncomment this if you would use quota module:
    #Quotas                         on
    
    # Uncomment this if you would use ratio module:
    #Ratios                         on
    
    # Port 21 is the standard FTP port.
    Port                            21
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances                    30
    
    # Set the user and group that the server normally runs at.
    User                            nobody
    Group                           nogroup
    
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask                           022  022
    # Normally, we want files to be overwriteable.
    AllowOverwrite                  on
    
    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
    # It is on by default.
    #DelayEngine                    off
    
    # A basic anonymous configuration, no upload directories.
    
    # <Anonymous ~ftp>
    #   User                                ftp
    #   Group                               nogroup
    #   # We want clients to be able to login with "anonymous" as well as "ftp"
    #   UserAlias                   anonymous ftp
    #   # Cosmetic changes, all files belongs to ftp user
    #   DirFakeUser on ftp
    #   DirFakeGroup on ftp
    #
    #   RequireValidShell           off
    #
    #   # Limit the maximum number of anonymous logins
    #   MaxClients                  10
    #
    #   # We want 'welcome.msg' displayed at login, and '.message' displayed
    #   # in each newly chdired directory.
    #   DisplayLogin                        welcome.msg
    #   DisplayFirstChdir           .message
    #
    #   # Limit WRITE everywhere in the anonymous chroot
    #   <Directory *>
    #     <Limit WRITE>
    #       DenyAll
    #     </Limit>
    #   </Directory>
    #
    #   # Uncomment this if you're brave.
    #   # <Directory incoming>
    #   #   # Umask 022 is a good standard umask to prevent new files and dirs
    #   #   # (second parm) from being group and world writable.
    #   #   Umask                           022  022
    #   #            <Limit READ WRITE>
    #   #            DenyAll
    #   #            </Limit>
    #   #            <Limit STOR>
    #   #            AllowAll
    #   #            </Limit>
    #   # </Directory>
    #
    # </Anonymous>
    
    #DefaultRoot ~
    
    
    # The passwords in MySQL are encrypted using CRYPT
    #SQLAuthTypes            Plaintext Crypt
    #SQLAuthenticate         users* groups*
    
    
    # used to connect to the database
    # databasename@host database_user user_password
    #SQLConnectInfo  ftp@localhost proftpd pr0ftptim
    
    
    # Here we tell ProFTPd the names of the database columns in the "usertable"
    # we want it to interact with. Match the names with those in the db
    #SQLUserInfo     ftpuser userid passwd uid gid homedir shell
    
    # Here we tell ProFTPd the names of the database columns in the "grouptable"
    # we want it to interact with. Again the names match with those in the db
    #SQLGroupInfo    ftpgroup groupname gid members
    
    # set min UID and GID - otherwise these are 999 each
    #SQLMinID        500
    
    # create a user's home directory on demand if it doesn't exist
    #SQLHomedirOnDemand on
    
    # Update count every time user logs in
    #SQLLog PASS updatecount
    #SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
    
    # Update modified everytime user uploads or deletes a file
    #SQLLog  STOR,DELE modified
    #SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
    
    # User quotas
    # ===========
    #QuotaEngine on
    #QuotaDirectoryTally on
    #QuotaDisplayUnits Mb
    #QuotaShowQuotas on
    #
    #SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
    #
    #SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
    #
    #SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
    #
    #SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, #%{4}, %{5}, %{6}, %{7}" ftpquotatallies
    #
    #QuotaLimitTable sql:/get-quota-limit
    #QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
    #
    #RootLogin off
    #RequireValidShell off
    
    
    Include /etc/proftpd_ispconfig.conf
    
    So, I practically reversed all the steps as shown in http://www.howtoforge.com/proftpd_mysql_virtual_hosting_p2

    Am I missing something? Can you see anything wrong with what I did? Thanks for the help so far btw. :)
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    Does FTP work now for you? Then ignore the error.
     
  16. geek.de.nz

    geek.de.nz New Member

    Thanks, it's working today. Wonder why it wasn't working yesterday. There was no reboot of the server. Does ISPConfig automatically restart the servers at some point or why would it all of a sudden work?
     
  17. falko

    falko Super Moderator Howtoforge Staff

    Yes, if you have configured ISPConfig to do so under Monitoring.
     
  18. geek.de.nz

    geek.de.nz New Member

    Thanks again.

    Another thing:
    How do I now manually add an ftp user? I thought ISPConfig is based on system users. So, why can't I log in via ftp with the existing system users other than webx_xxx?

    I found webx_xxx in the file /etc/gshadow and didn't find my other system users there. Is that the file to change?? I do not want to screw up my system by editing that file if I don't know for sure.

    Also, if I log in with a user from ISPConfig (webx_xxx), I get no directory listing and cannot do anything in gftp, such as upload files. Might this have to do with the error message:
    Code:
    Restarting ProFTPD ftp daemon.proftpd.
    .. - warning: "ProFTPD" address/port (ip:21) already in use by "iHostNZ"
    proftpd.
     done.
    
    when I restart the ftp server?
     
    Last edited: Mar 30, 2006
  19. geek.de.nz

    geek.de.nz New Member

    Btw, here is the output of gFTP:
    Code:
    Trying myserver.com:21
    Connected to myserver.com:21
    220 ProFTPD 1.2.10 Server (iHostNZ) [ip]
    USER webx_xxx
    
    331 Password required for webx_xxx.
    PASS xxxx
    230 User webx_xxx logged in.
    SYST
    
    215 UNIX Type: L8
    TYPE I
    
    200 Type set to I
    PWD
    
    257 "/home/www/webx" is current directory.
    Loading directory listing /home/www/webx from server (LC_TIME=en_NZ.UTF-8)
    PASV
    
    227 Entering Passive Mode (...).
    
    But then I do not see the contents of the webx directory, which should have some content though. I think it worked before though????
     
  20. falko

    falko Super Moderator Howtoforge Staff

    The existing users must have a valid shell like /bin/bash or /bin/false, otherwise they aren't allowed to use FTP.

    You should kill the running FTP process and try again.
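
Added example, not part of the thread or of ISPConfig: the valid-shell requirement in the last reply corresponds to ProFTPD's `RequireValidShell` check (on by default), which compares an account's login shell with the entries in /etc/shells. The script lists accounts that would fail that check; the sample passwd and shells data, the account names and the UID floor of 1000 are constructed assumptions.

```shell
#!/bin/sh
# List accounts whose login shell is not in the shells file, i.e. accounts
# that ProFTPD refuses while RequireValidShell is on.
# Usage: ftp_blocked_users PASSWD_FILE SHELLS_FILE [MIN_UID]
ftp_blocked_users() {
    passwd_file=$1; shells_file=$2; min_uid=${3:-1000}   # UID floor: assumption
    # With no readable shells file every shell counts as valid: nothing to report.
    [ -r "$shells_file" ] || return 0
    awk -F: -v min="$min_uid" -v shells="$shells_file" '
        BEGIN {
            # Load the allowed shells, ignoring comments and trailing blanks.
            while ((getline line < shells) > 0) {
                sub(/#.*/, "", line)
                gsub(/[ \t\r]+$/, "", line)
                if (line != "") ok[line] = 1
            }
        }
        /^#/ || NF < 7 { next }                      # skip malformed passwd lines
        $3 + 0 >= min + 0 && !($7 in ok) { print $1 ":" $7 }
    ' "$passwd_file"
}

# Constructed sample data so the check can be tried without touching /etc.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/shells" <<'EOF'
# constructed /etc/shells
/bin/sh
/bin/bash
/bin/false
EOF
    cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
web2_alice:x:10001:10002::/home/www/web2:/bin/false
web4_bob:x:10003:10004::/home/www/web4:/bin/bash
tim:x:1000:1000:Tim:/home/tim:/bin/zsh
deploy:x:1001:1001::/home/deploy:/usr/sbin/nologin
EOF
    ftp_blocked_users "$tmp/passwd" "$tmp/shells"
    rm -rf "$tmp"
}

demo
```

On a live system the call would be `ftp_blocked_users /etc/passwd /etc/shells`; an account shows up in the output until its shell is changed to a listed one or the shell is added to /etc/shells.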
     
