Welcome to WebmasterWorld Guest from 54.159.24.159

Forum Moderators: bakedjake

Message Too Old, No Replies

trying to set up an ftp server on RedHat Fedora 6.x

might have bitten of more than I can chew :)

     
10:35 am on May 23, 2008 (gmt 0)

Junior Member

5+ Year Member

joined:Feb 4, 2008
posts: 80
votes: 0


Just got a dedicated server, and installed ProFTPD Server on it
The thing is, I dont want to set up the domain on this new server till I know what is going on.
I tried accessing the ftp via
ftp://192.168.1.1/ (ip address changed of course)
and I am getting nothing.

I suppose I need to change the settings?

Any help or pointers would be much appreciated.
Ed

1:43 pm on May 23, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:Sept 28, 2002
posts:505
votes: 0


OK, you installed it.

Did you configure it?
Is is running?
Have you checked the logs?

You may want to have a look at the documentation here:
[proftpd.org...]
[proftpd.org...]

Kind regards,
R.

2:09 pm on May 23, 2008 (gmt 0)

Junior Member

5+ Year Member

joined:Feb 4, 2008
posts:80
votes: 0


I was hoping the default configuration would do the trick. (You are starting to realise how much of a beginner I am at linux now, arent you?)

I guess its running, as in I can change the settings through webmin (the admin cp I have)
I did notice that port 21 wasn't open on the 'linux firewall' but that didnt help.

I guess I have to do some reading. Thanks for the links.

Ed

4:02 pm on May 23, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:Sept 28, 2002
posts:505
votes: 0


Hi Ed,

my question 'is it running' may be somewhat misleading.
Of course it has to run when it gets connected, but the preferred method may be letting xinetd start it on demand per incoming connect. So, is xinetd running and did xinetd get configured during installation as well?
For testing purposes, however, you may start the ftp daemon standalone.
Have a look into `top` and the process list `ps -ef grep ftp` while testing. And have a look at the logs.

Regarding the config, there are several things to check and to think of, including access policies and other security stuff.

Kind regards,
R.

4:13 pm on May 23, 2008 (gmt 0)

Full Member

5+ Year Member

joined:Jan 29, 2008
posts:243
votes: 0


Run the following command and see if port 21 is opened or not:
netstat -tulpn

If not, start proftp service. The default CentOS/Redhat/Fedora FTP server is called vsftpd and it is quite secure.

4:27 pm on May 26, 2008 (gmt 0)

Junior Member

5+ Year Member

joined:Feb 4, 2008
posts:80
votes: 0


ok
thought the service would be started automatically (i guess that is xinetd).
So I started the service and tried to log in using my ftp client, but now I am getting a password error:

Response:220 FTP Server ready.
Command:USER root
Response:331 Password required for root
Command:PASS ********
Response:530 Login incorrect.
Error:Could not connect to server

I thought the root password would be the same as the login root password, or is something else happening here?

4:41 pm on May 26, 2008 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 31, 2003
posts:9063
votes: 2


Hopefully, a default ftpd installation will disallow login by root as a default. Bear in mond that FTP is an insecure (unencrypted) protocol, so the password is sent in plain text. It is an extremely bad idea to connect as root over an insecure connection - your password can be intercepted and the person would have root access to your server.

For basic file transfer, you can use FTP and connect with a limited user account, but it is almost always better to use ssh and scp rather than FTP. Even then, you should connect via a limited account and su to root or use sudo only when required, and disallow direct ssh access for root.

4:50 am on May 27, 2008 (gmt 0)

Full Member

5+ Year Member

joined:Jan 29, 2008
posts:243
votes: 0


By default ftp server disables root password and account for ftp. FTP is insecure protocol. You should use normal user account.
3:50 pm on May 27, 2008 (gmt 0)

Junior Member

5+ Year Member

joined:Feb 4, 2008
posts:80
votes: 0


I have set up a new user, but it can't log in to ftp either.

Checked the denied ftp users in webmin and my new user is not listed.
I gather that a user's login for ftp should not be the same as their system login, due to the fact that if a security breach in the ftp program allowed a user to access the command line they would have privledges to do quite a bit of damage. I suppose this is why webmin has options to set username aliases (?)

Obviously I have more reading to do, but some pointers would be appreciated.

Regards
Ed

6:35 pm on May 27, 2008 (gmt 0)

Full Member

5+ Year Member

joined:Jan 29, 2008
posts:243
votes: 0


I use ftpasswd to create ftp accounts.

[proftpd.org...]