vsftpd setup help

[MetalSmith]

Hello all I am not sure where to post this question on here. I am new to Linux and need help with giving access permissions to a user I created for FTP.

Also there is a program folder that he will need full rights to.

So when I login to the server with my user he can navigate through the folders but when I try to "Open FTP site in Windows explorer" I get a 550 error "Make sure you have permission to access this folder. Failed to change directory".

I get the same results when I login as root also.

Here is my file:

anonymous_enable=Yes
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_list_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
listen=YES
tcp_wrappers=YES

Can someone help me figure this out?

Thanks!!

[reckless2k2]

Well you don't want to have full permission on an anonymous user period.

I guess I, like some others, are a little confused with what you are trying to do.

Do you have the applicable ports open?
Are you connecting via PASV?
Are you using a username and password of a current user?
What FTP client are you using?

If I have user A setup and FTP in, I can usually only affect the home directory of user A although I may be able to navigate around. Navigating around especially under anonymous is bad news. You should really chroot and only have registered users log in.

If you need to view or change something in /etc, why not just ssh with a registered user?

[MetalSmith]

I am not sure what the FTP is called other than vsftpd.conf the free version on the Linux box CentOS 4.4.

I have a php script that needs to upload a file to this ftp server to a folder in /etc. The real path is /etc/asterisk/fonality/target-file.conf

I can't for the life of me get any FTP solution to be able to simply access that folder to put or copy files there. If I login as root it 550 errors me. If I create a user it 550 errors me. The farthest I have got is with an anonymous user. I can read there no problem but I can't do anything else.

I never seen something so difficult to configure.

[reckless2k2]

it's funny because the first and easiest thing i ever did on linux was setup an ftp server. hahaha.

if i'm not mistaken, root is banned from login via ftp for security reasons. rather than removing that security feature, i'll try to explain to you how to "fix" your issue.

i assume you have a user on the box. use firefox and the fireftp plugin to upload the file you need to replace to the home directory of that user. you should have to login with your username and password. then copy the file to that users home directory. if you get an error, that means you probably don't have a port opened.

after that's done, then ssh into your box using putty. log in using root and the password (you should really disable root access via ssh like it is via vsftpd). now navigate to that user home directory and copy the file to that place you need it. done. if you can't ssh into the box, then you don't have a port open.

somethings to consider:
- ssh has to be running > /etc/init.d/sshd start from terminal
- any changes to vsftpd require a restart to "take" > /etc/init.d/vsftpd restart
- ports have to be open. if you don't know how to do this, disable the firewall temporarily and make sure SELinux is disabled.

if all this sounds foreign to you, then you will need to understand linux a little more to admin it correctly.

let me know if you understand any of this. you see /etc is just not the type of nav path for ftp like that. an easier option is to just remove root from the vsftpd block list referred to in the vsftp.conf file. but you've got to restart the ftp server for it to take. the file is in /etc called vsftp_users or vsftpd_list..something like that but vsftpd.conf tells you what the name is and the path. if this is a public ftp, you should flip it back after you are done.

[MetalSmith]

Hey reckless,

you said something to me in your previous post that got me thinking and that was the ssh.

I did a little searching and Putty also has a pscp.exe program that lets you tranfer a file from Windows to Linux. I tried it out and it worked like a champ.

Also it looked just like the other part of my script I was making so that worked out great.

sleep(2);

$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run('"C:\Program Files\pscp.exe" -l root -pw password "C:\Program Files\Conference.conf" root@192.168.xxx.xxx:/etc/asterisk/fonality');

sleep(2);

$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run('"C:\Program Files\putty.exe" -ssh root@192.168.xxx.xxx -pw password -m "C:\Program Files\reload.sh"');


Now as far as the FTP on Linux. Good riddens to it. Maybe its the version of Linux I use but yea I don't know enough about Linux to admin it so screw it for now. I appreciate the reply on the FTP info but your comment about ssh is what solved my problem.

Thanks for your help!!!

[reckless2k2]

well i'm glad you got all straightened out. i have quite a few servers running on my box and have become very familiar with many. i use ssh to admin the box 99% of the time. i have vsftpd setup but once it was setup i really don't have to do much now.

ssh should be your best friend. hahaha.

if you need to admin via ssh over the internet, i'd suggest that you not permit a root login. go to sshd_config and set permitrootlogin to no and use AllowUsers comment at the end and only specify your user or whatever one you care to ssh with. once you ssh, then "su" to root. this way no one can hack your root account or it's much harder.

vsftpd is not very hard once you get the concept. my brother in-law struggled until he grasped permissions and the users home directory. for instance, i create an ftp user with a home directory within the ftp directory. so when they log in, they go right to the directory. this is like a shared repo the way i have it setup. i set it that certain users can actually add or remove content as well. it's not terribly complicated. it's all a learning experience.

if you care, pick up the red hat fedora and enterprise linux 4 bible. it walks you through a lot and explains a lot. it's a good investment if you have a linux box to admin. centos 4 is based off of red hat enterprise linux 4 so that's why i suggested that book. you'll have an ftp server, web server, file server, as well as others up very quickly.

good luck.