Problems with vsFTPd, FTP in general, config issues

[SkorPio]

I installed a fresh version of the 86_64bit Centos 6 on my dell. i have everything ready for wordpress (it's installed on the localhost and brings up the admin page as expected). However i cannot load wordpress plugins because i have not properly configured the linux box for normal ftp service.

what i have done so far:

YUM install vsFTPd, FTP, Telnet and sFTP (all installed properly, no updates needed)
added FTP, sFTP and Telnet services to the firewall rules
chkconfig vsftpd on
/etc/vsftpd/vsftpd start (Note that this says Failed, keep reading though)
/etc/vsftpd/vsftpd status (vsftpd pid 3799 is running, huh must be working then)
read through an article on how to configure vsFTPd http://www.cyberciti.biz/faq/rhel-centos-linux-install-ftp-server/ as well as well as others that basically support the installation of ftp on centos....

i can from the linux box, issue a console, type in ftp (the computer responds with vsFTPd 2.2.2), enter in the local ip, enter in "anonymous" and "user@test.com". However i cannot put in a user account (like admin, webadm, etc)

i can from my windows box, issue a command prompt, type in ftp (all the above is the same), get the vsFTPd 2.2.2 version, and then connect to the linux box, i can only download, not upload with the anonymous account, no worries tho.

i can also issue an sFTP command, type in a username (not anonymous) and userpass from the users list and connect. i can get to the file structure and can upload and download.

i have checked the ftpusers and user_list in the vsftpd folder, from what i can tell it is all default settings for denied (default) userlist, certainly it does not contain the users: anonymous, admin, webadm, etc

what would cause the ftp service to only accept anonymous connections but not linux user accounts?

and why can i connect to sftp with users (showing that the user and pass go together) on port 22, but not working on port 21?

need some help from the experts 8-)

[pschaff]

[quote]
SkorPio wrote:
...
what would cause the ftp service to only accept anonymous connections but not linux user accounts?[/quote]
I can't guess but someone might if you showed the config file. That fail on the service start is suspicious.

[quote]
and why can i connect to sftp with users (showing that the user and pass go together) on port 22, but not working on port 21?
[/quote]
That one is easy. Despite the name sftp has nothing to do with FTP. It is part of SSH.[code]
$ rpm -qf `which sftp`
openssh-clients-5.3p1-20.el6_0.3
[/code]

[majun]

Don't get FTP and SFTP confused. Despite the similarities by name they're completely independent of each other. You don't need SFTP for FTP access and you don't need FTP for SFTP access.

Regarding your local users problem: make sure you have these three options set in your vsftpd.conf:

local_enable=YES
chroot_local_user=YES
write_enable=YES

[pschaff]

[quote]
majun wrote:
...
Regarding your local users problem: make sure you have these three options set in your vsftpd.conf:

local_enable=YES
chroot_local_user=YES
write_enable=YES[/quote]
I would consider

chroot_local_user=YES

to be optional. Depends on your level of trust in local users, and the functionality they require. There are ways to use bind mounts to get around the limits.

[majun]

Good point, you're right. That one is indeed optional although I always recommend it for safety reasons. Probably because based on my experience I know better than to trust local users ;-)

As always, YMMV.

[r_hartman]

[quote]
SkorPio wrote:
/etc/vsftpd/vsftpd start (Note that this says Failed, keep reading though)
/etc/vsftpd/vsftpd status (vsftpd pid 3799 is running, huh must be working then)
[/quote]

By default, vsftpd is started through xinet.d (preferred). Hence, it is started when xinetd is started.
Trying to start it as an independent service therefore fails.

You may want to consult my [url=http://www.hac-maarssen.nl/download/vsftpd_FTPS_Setup_RHEL5.pdf]FTPs installation guide[/url].

[dracic]

[quote]By default, vsftpd is started through xinet.d (preferred). Hence, it is started when xinetd is started.[/quote]
That's not true. Please consult the official RHEL documentation...

[pschaff]

[quote]
majun wrote:
Good point, you're right. That one is indeed optional although I always recommend it for safety reasons.[/quote]

[url=http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ftp-vsftpd-conf.html]Red Hat disagrees.[/url]
[quote]
Enabling chroot_local_user opens up a number of security issues, especially for users with upload privileges. For this reason, it is not recommended. [/quote]

For Starting and Stopping see [url=http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ftp-vsftpd-start.html]this page[/url]

[SkorPio]

Well,

I got lots of information and now have it where it allows a small list of users (what is in the /etc/vsftpd/user_list file) to type in the username. [i][b]{thanks everyone}[/b][/i]

However it does not accept the passwords for any of the users.

so i created a new user named Temptemp and set the password to temppassword (it complained but i allowed the pass anyway)

then i logged in to the Temptemp account on the linux box with the password above. all working fine at this point. then i open up a console session and type in "ftp".

then an "open localhost", where it prompts for the user name (which i put in along with the password) and i get a "530 Permission denied. Login Failed." for every user, including root.

what do i have to do to get the passwords to work with the ftp session?

Thanks

[pschaff]

It is very difficult to guess what you have changed and thus the source of the problem. To get vsftpd to work with local users all I had to do was install it, open the port in the firewall, start the service, and run as root "setsebool -P ftp_home_dir=1" to convince SELinux to let users access their home directories. No changes were required to /etc/vsftpd/vsftpd.conf or elsewhere. See the [url=http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/chap-Managing_Confined_Services-File_Transfer_Protocol.html]upstream docs[/url] for more information.

I's suggest reverting to the fresh install configuration, following the above steps, testing, and then making any additional changes you require.

Edit: The OP started a new topic [url=https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=32399&forum=56]problems with FTP[/url] in the Software forum. That one has been locked and discussion directed back here to minimize further confusion.