did you do "useradd ftpuser1" to create the user, and now when you try to log onto the ftp server the user that can login is ftpuser1 with his passwd?
this site is too slow, do you have some kind of IM?
DimaYasny
180
Godmode enabled
Team Colleague
Featured Poster
williebens
0
Light Poster
williebens
0
Light Poster
Hello Dima:
I finally got it. FTP users can login to the ftp
server, but they cannot login to the linux box.
DimaYasny
180
Godmode enabled
Team Colleague
Featured Poster
where and how do you configure the ftp users? say, if you need to add ftpuser2, how do you do that?
williebens
0
Light Poster
After creating the ftp user account, this is what I did:
I edited the /etc/shells file and added
/bin/true to it.
I then went to the /etc/passwd file and changed:
ftpuser:x:501:501::/home/ftpdocs:/bin/bash
to
ftpuser:x:501:501::/home/ftpdocs/./:/bin/true
I then changed the shell of user by running the following command:
chsh ftpuser (press enter)
Then, when prompted for a new shell, I entered:
/bin/true
End of this story.
Now, I am going to work so that users can upload to the ftp user. They can download, but so far no uploading.
Thanks a lot for yor support so far Dima, and all others
Please keep the feedback.
--Willie
DimaYasny
180
Godmode enabled
Team Colleague
Featured Poster
this is not user creation, this is changing the ftp user's shell to /bin/true instead of bash. just a security setting.
the link I sent you earlier shows how to set up ftp to use user directory stored in mysql, instead of the linux internal user lists (/ets/passwd + /etc/groups)
that is more secure, and faster as well.
the way you did it will work too, but for every user you create , you will need to run the whole procedure of rewriting the shell etc. and it is less secure, since potentially the ftp users are still unix users.
as for the uploading issue - check the permissions on the ftpdocs directory. as a test, chmod -R 777 /home/ftpdocs and try to upload
williebens
0
Light Poster
Hello Dima:
I just tried your suggetion, and it did work.
I really thank you.
I will look into using mysql for user authentication regarding the ftp server as you
indicated in your previous post and pointed on one of the how-tos.
Right now the way the users are set up is that they are all sharing one folder in the ftp server.
I think the way my supervisor wants this server to be is having each user with its own folder. I will look into that along with your suggestion about using a database.
I am now going home. I am really tired, but happy things are working out with this ftp server assignment.
I will come back tomorrow.
Thanks again to you Dima, and all others.
--Willie
DimaYasny
180
Godmode enabled
Team Colleague
Featured Poster
g'nite, mate
I'm off to sleep - setting up a room full of blades tomorrow
williebens
0
Light Poster
Hello there:
I would like to be able to see my ftp files on a browser. When I do ft.IP, all I see is:
-----------------------------------------
FTP root at ftp.192.x.x.x
To view this FTP site in Windows Explorer, click Page, and then click Open FTP Site in Windows Explorer.
01/16/2008 09:44AM Directory pub
--------------------------------------------------------
The directory /pub has a file under it that should show on the browser. However, it is not happening. Would anyone please let me know how to go about solving this problem?
Thanks.
--Willie
williebens
0
Light Poster
When I click on pub, I get the following message:
Internet Explorer cannot display the webpage
Thanks.
--Willie
DimaYasny
180
Godmode enabled
Team Colleague
Featured Poster
If you are running iptables and your clients use non-passive FTP (like Internet Explorer), you also have to make sure the ip_conntrack_ftp kernel module is enabled. This module takes care of connection tracking for FTP. If you are experiencing problems connecting to your FTP server through active FTP, load this module and see if it solves it.
Code:
[user@host ~]# modprobe ip_conntrack_ftp
This is reset every time you restart iptables (so also when you reboot your server) so you might want to add it to the iptables configuration, so it is loaded automatically.
Code:
[user@host ~]# vi /etc/sysconfig/iptables-config
Go to insert mode and change IPTABLES_MODULES="" to...
Code:
IPTABLES_MODULES="ip_conntrack_ftp"
Save & exit once again by pressing <ESC> and typing
http://www.evilgeekz.com/viewtopic.php?p=2&sid=520f195a6514e2f0568e716c66871060
williebens
0
Light Poster
This is the solution I got to get my ftp server running.
I was first running CentOS 4.x and it did not work. My server complained when I stopped it claiming that there was a file locked under the /var/lock/subsys. The name of the file is vsftpd. The ftp server I am using is vsftpd. When I upgraded to CentOS 5, this complain disappeared.
Steps:
1. Download the server daemon using the following command (you have to have root access) (CentOS, Fedora, Red Hat):
yum –y install vsftpd
2. To start, stop, check the status, and restart the vsftpd server, do these commands:
/sbin/service vsftpd start
/sbin/service vsftpd stop
/sbin/service vsftpd status
/sbin/service vsftpd restart
3. To configure vsftpd to start at boot, use the following command:
chkconfig vsftpd on
The previous command will make sure that if you turn you computer off, the vsftpd server will start automatically after the computer is turned back on again.
4. Another way to test the status of the vsftpd process, other than by
the /sbin/service vsftpd status command, is by typing the following command:
netstat -a | grep ftp
You should get the following output or something similar:
tcp 0 0 *:ftp *: * LISTEN
If the vsftpd is stopped, then there would be no output.
5. Now I will create users that will share the same directory and will only have read- only access to it. Just follow the following steps:
Disable anonymous FTP, in the vsftpd .conf file found in the /etc/vsftpd/ directory, since we are using authenticated users only:
#Allow anonymous FTP?
#anonymous_enable =YES
You can either comment anonymous_enable out or just set it to NO instead of YES.
Set local_enable = YES to enable individual logins.
Start your vsftpd server: /sbin/service vsftpd start
6. Create an ftp group and the directory all ftp users will share:
groupadd ftpusers (this is the ftp group).
mkdir /home/fptdocs
7. Make the directory accessible to the users that belong to the ftp group (ftpusers):
chmod 750 /home/ftpdocs
chown root.ftpusers /home/ftpdocs
8. Create ftp user accounts:
useradd –g ftpuser –d /home/ftpdocs ftpuser (where ftpuser is the user who can upload/download documents to/from the ftp server).
passwd ftpuser
Now this user should have the necessary permissions to upload/download files via ftp.
9. Change the permissions of the file in the /home/ftpdocs directory to whatever permissions you need. For example, to only download files the permission would be read-only and execute. To upload/download files, the permissions would be 770 as long as the user belongs to the ftp group. If the user does not belong to the ftp group, then the permissions would be 777. Note: I need you to modify these permissions to your needs in case they are not what I am claiming they are. The reason is that uploading/downloading depends on the permissions you set for your ftp directory and whether or not your ftp user is part of the ftp group. If for any reason, my statements on this section are wrong, please correct me. Thanks.
If I want to give ftp users only read-access to the directory, note that they would only be able to download files with this type of access, I would do the following:
chown root.ftpusers /home/ftpdocs/*
chmod –R 740 /home/ftpdocs/*
10. Restart your vsftpd server for any configuration changes to take place.
11. I used SmartFTP as my ftp client. You might want to download it and test it to see if you would like to use it as well. Otherwise, choose one of your like. SmartFTP has a tutorial that shows you how to login to the ftp server and upload/download files.
12. The following sites might be worth visiting:
http://vsftpd.beasts.org/vsftpd_conf.html
http://www.brennan.id.au/14-FTP_Server.html
http://www.nslu2-linux.org/wiki/Optware/Vsftpd?from=Unslung.Vsftpd
If you do not want your ftp users to have access to your Linux box, please go back up and review one of the previous postings regarding that issue. You can also create ftp accounts with PAM/MYSQL. I cannot get into the details of that since I have not done it, but if any of you would like to contribute to this thread on that, please do.
Thanks Dima and all others for your help.
Note: I did not proofread this and my apologies for my lateness.
--Willie
DimaYasny
180
Godmode enabled
Team Colleague
Featured Poster
glad to see you have it figured out for yourself :)
williebens
0
Light Poster
Hello to you all:
Another thing I would like to add regarding the ftp server is the fact that it is possible that you do not want users to delete files they do not own. I went through this yesterday. Remember that my ftp users all share the same ftp folder to place their files. Therefore, if user1 uploads files, user2 can download it or delete it the way this is configured so far. My way around this problem was setting the sticky bit. The way I did this was as follows:
Assuming that the path where you have your ftp documents is /home/ftpdocs, then run the command:
chmod +t /home/ftpdocs
This will disable user1 from deleting files uploaded by user2 and vice versa.
Now, please, if there is a better way of doing this, let me know.
Thanks.
--Willie
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.