Server :: Setup VSFTPD On Centos 5 To Access /var/www/ Directly
Sep 26, 2010
Trying to set up VSFTPD on the CentOS 5 box at work, which is an internal web development server. I'm leaving soon, and all knowledge of or desire to learn SSH is going with me so the other employees will need to be able to access the web root using FTP clients.
Essentially there is no need for special user accounts or privileges, it's an internal server in a tiny company. I've got the LocalRoot set to /var/www/ which I can log in to and read all files via FTP, however despite setting everything to 777 in /var/www/ and below, I still can't get any write privileges on the FTP server.
I've only recently encountered this problem with vsftpd when I was creating new ftp accounts. I keep on getting:
550 Access Denied.
on every action I try to do on ftp, no matter what. I've been trying to solve this myself however my attempts have been futile.
The permissions, and ownership have been checked and rechecked tens of times now, so thats not the issue. I've reinstalled the OS of my server twice now, and the problem is still persisting. Heres my config file, this isnt for anon by the way.
Code: # Example config file /etc/vsftpd/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. #
I just installed Ubuntu server and wish to run an apache web server from it. I have that setup, with each user having their individual folder. (E.G) apache root /var/www/ LazerPhreaks folder is /var/www/LazerPhreak/ so their website would be www.mysite.com/LazerPhreak/) I wish to setup vsftp to let each user access their individual folder and upload website files via ftp. How should I go about this?
venturing into unfamiliar territory so I'm hoping someone can help me and make things a little more understandable for me. I have setup Postfix on a standalone server connected directly to the internet. I have got inbound and outbound email working for the most part, but I am worried about security.My fear is that if I leave port 25 open to the outside world spammers will find this and start relaying mail through it and eventually blacklisting the IP attached to this box.
For now, I am hosting mail for a single domain and single user (me) with a few aliases. I plan on expanding to IMAP and SMTP access from the outside at some point, but for now I've been using Mutt in a shell and it's fine for my needs for now.
Here are my current Postfix settings: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases
I'm testing a Debian Lenny virtual machine to simulate my ideal setup for FTP server (with vsftpd): I want all internal users (corporation users with Active Directory accounts) to ftp into the same directory (i.e. /var/FTP/AD-DOMAIN/) and external users (customers) to ftp into their home directories (created manually on request).
I added user_config_dir=/etc/vsftpd_user_conf option in /etc/vsftpd.conf file and I've created /etc/vsftpd_user_conf/domain-user1 with local_root=/var/FTP/AD-DOMAIN
I have setup vsftp so I can ftp with every external and internal user chrooted and is working properly. AD validation for internal users and "normal" validation (via /etc/passwd) for external users work perfect.
I can FTP this server into /var/FTP/AD-DOMAIN with any AD user with its home directory created (i.e. /home/AD-DOMAIN/domain-user1/) but if I try to ftp with any AD user without its home directory created I get the error "500 OOPS: cannot change directory:/home/AD-DOMAIN/domain-user2"
I have found some references (http://wiki.flexion.org/FtpServer.html and http://howto.gumph.org/content/setup...ies-in-vsftpd/) about vsftp PAM authentication so I would supposedly get rid of the error message and the user would log into /var/FTP/AD-DOMAIN without problems, but I can't figure out how to setup my FTP server.
vsftpd is working fine in my network with anonymous user but i need to access that from out-side all the setting is done on the router. I am getting page to access ftp form out-side but only for ftp users not anonymous user how i will give permeation to access ftp to anonymous user ?
I have CentOS 5.5 distribution with Dom0 and DomU installed. I try to access Dom0 files during vsftpd server from DomU during ftp client. I successfully login with root and simple user, but when I try to list (or cd to some directory) in user home the SELinux prevent it from me. I get this in audit.log:
I installed vsftpd server in one of my servers using "yum install vsftpd" command. NFS server is running in the other server and mounted as "/data" in this FTP server. root in FTP server has also root authority in NFS server. All the files and sub-folders under "/data" in FTP server have 755 or 766 mode. Even I modified vsftpd setting to allow root login.
When I login as root to FTP server with FileZilla client, I can see all the file list in root home directory and move to /data directory. I can download any file in a local HDD but I can not download any file in /data directory.
I open "man vsftpd.conf", it says syslog_enable If enabled, then any log output which would have gone o /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO So I add "syslog_enable=YES" to the /etc/vsftpd.conf, and add "ftpd.* /var/log/ftplog" into /etc/syslog.conf. But there is no log infomation in the ftplog file.
I'm still learning my way around CentOS and linux in general... Using CentOS 5.4
BUT, I used the scripts from HowTo/Chroot Vsftpd and it did not work with the non-TLS script config, but the with TSL worked great. I wasn't sure where to put the vsftpd_virtualuser_config.tpl file but I copied it over when the script failed to find it... to where it was looking.
So I think it's working but my question is, TLS doesn't use port 21 but the script defaults to that port. I'm using FileZilla from an XP machine at work and I'm forwarding all the ports given in the HowTo. So I'm forcing the client to use TLS on port 21 but it hangs on the connection. If I use non TLS I get in but it tells me it requires TSL. I've had no luck with vsftpd in the past and this is my next attempt.
Seismicmike here. My first post. I'll try to be as clear and concise as possible. For the sake of this post, I'm going to use 184.108.40.206 as a place holder for my public IP. On my web server, I would like to be able to access the /var/ftp directory through a web browser. I have successfully done so with Google Chrome, but I cannot access the directory in Firefox or IE. Both FF and IE ask me for authentication but then time out attempting to load the directory.
I suspect that there may be something up with switching to passive mode and/or that this issue may be more with my configuration of Firefox and not with the server (seeing as how Chrome works). Another possibility may be related to SSL. When I connect with FileZilla, I have to use the FTP over Explicit SSL/TLS option in order to connect. In any case I still would like to fix it. I would also like to avoid having to install FireFTP if at all possible.
Steps to reproduce (not that you can without my actual IP =J):
* Open Chrome * Go to ftp://220.127.116.11 * Enter username * Enter password
I already have this setup working in a debian server but I would like to setup the same in CentOS 5.3. I just copied all the configuration files to the CentOS server but I'm getting the following errors in messages:
vsftpd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... vsftpd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... crond: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)... crond: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)... crond: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)... crond: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
I set up my vsftpd server, but when using "sftp servername" it's not using vsftpd but another (what seems like) built-in sftp server. Even when I stop the vsftpd service I am still able to get a prompt to log in. I haven't installed any other ftp servers.
I'm able to connect to ftp as a virtual user. It was also difficult as nowhere mentioned, that it should be done with SSL. Anyway I found the answer and got connection. But now I can't connect to ftp server as system user. It gives me "530 Permission denied", or if I delete the user from the file denied_users, - "530 Login incorrect".
1. Still I can't understand, how I can log in to FTP server with a system user.Also some other questions regarding this matter:
2. My httpd server Apache has a virtual hosts located in "/home" directory.The scripts create users in "/var/ftp virtual_users". Will it cause any problem if I will change them to "/home"? All I need to do with this is ability to have several virtual hosts in one server with separate access to each of them via FTP. And 1 account with access to all files in "/home".
3. In my ftp client I can see the owner of virtual host "ftp" instead of username.
I am attempting to connect to VSFTPD via Filezilla from a windows machine, but regardless of which user name I use I get a "530 Login incorrect" error. I have tried turning off the firewalls on both the CentOS and Windows side of things with no result. I disabled the SSL/TLS commands in the config file, also with no change. I tried a couple of different FTP clients, but got similar results regardless of which client I used. I have been going over man pages and documentation for a couple of days now, but cannot come up with an answer. I suspect it lies in my configuration, but I got the same results when I reverted my config file back to the original. what else I can do? One other note is that I am attempting to connect via a LAN, at this point I don't care if it works across the WAN as I only intend to use it to upload files to my web server.
I am running FTP server using vsftpd 2.0.5-12 on Centos 5.3 64bit with default settings, annonymous access enabled. Each night new files are created and moved into a FTP subdirectory (/var/ftp/spectra) by a script. The files are owned by a local user/group, not root, and the same holds for the /var/ftp/spectra subdirectory. The new files are not visible via FTP. Only visible are files that were created the same day when I made the directory /var/ftp/spectra. Also files that are created "in place", e.g. by vi, are visible until I change their owner/group. This is the situation when vsftpd is runned as a system service (/etc/init.d/vsftpd start).
When I start the vsftpd directly using the command /usr/sbin/vsftpd (both without or with the configuration file specified), all files are visible and normally accessible via FTP.
I have never had the packaged vsftpd start with the ssl_enable option set to YES. The mysql on those servers works just fine with SSL enabled. After reading there seems to be a different package available on rh5 repo. This server shows up to date with 2.0.5-12.el5_3.1. The rh5 list shows 2.0.5-16_el5 per this:[URL].. My question is, is there a set lead time till adoption of current RH packages or is just random? I have to have SSL_ftp running and didn't want to step out of the repo lists if possible.