ubuntu vsftpd not connecting
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...
running ubuntu: 16.04.3 LTS
running vsftpd: 3.0.3
Things that ARE working (using lftp as client, TLS connection)
- validation locally from 127.0.0.1
- validation locally from local server IP address (172.31.26.169)
Unable to connect from any external client using exact same syntax for lftp client.
lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"
Supporting information
/etc/vsftpd.conf
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
user_sub_token=$USER
local_root=/home/$USER/ftp
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
debug_ssl=YES
#implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
log_ftp_protocol=YES
require_cert=NO
ufw status verbose
Status: active
Logging: on (high)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
8080 ALLOW IN Anywhere
22 ALLOW IN Anywhere
54.210.201.141 22/tcp ALLOW IN Anywhere
80,443,8080/tcp ALLOW IN Anywhere
53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
20/tcp ALLOW IN Anywhere # ftp
21/tcp ALLOW IN Anywhere # ftp
22/tcp ALLOW IN Anywhere # port 22 for ssh
40000:50000/tcp ALLOW IN Anywhere
990/tcp ALLOW IN Anywhere
8080 (v6) ALLOW IN Anywhere (v6)
22 (v6) ALLOW IN Anywhere (v6)
80,443,8080/tcp (v6) ALLOW IN Anywhere (v6)
53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
40000:50000/tcp (v6) ALLOW IN Anywhere (v6)
990/tcp (v6) ALLOW IN Anywhere (v6)
netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres
tcp6 0 0 :::8080 :::* LISTEN 3236/java
tcp6 0 0 :::22 :::* LISTEN 1269/sshd
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java
tcp6 0 0 :::8009 :::* LISTEN 3236/java
/etc/vsftpd.userlist
has only 1 line with local username for ftp login access
ubuntu vsftpd
add a comment |Â
up vote
0
down vote
favorite
Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...
running ubuntu: 16.04.3 LTS
running vsftpd: 3.0.3
Things that ARE working (using lftp as client, TLS connection)
- validation locally from 127.0.0.1
- validation locally from local server IP address (172.31.26.169)
Unable to connect from any external client using exact same syntax for lftp client.
lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"
Supporting information
/etc/vsftpd.conf
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
user_sub_token=$USER
local_root=/home/$USER/ftp
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
debug_ssl=YES
#implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
log_ftp_protocol=YES
require_cert=NO
ufw status verbose
Status: active
Logging: on (high)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
8080 ALLOW IN Anywhere
22 ALLOW IN Anywhere
54.210.201.141 22/tcp ALLOW IN Anywhere
80,443,8080/tcp ALLOW IN Anywhere
53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
20/tcp ALLOW IN Anywhere # ftp
21/tcp ALLOW IN Anywhere # ftp
22/tcp ALLOW IN Anywhere # port 22 for ssh
40000:50000/tcp ALLOW IN Anywhere
990/tcp ALLOW IN Anywhere
8080 (v6) ALLOW IN Anywhere (v6)
22 (v6) ALLOW IN Anywhere (v6)
80,443,8080/tcp (v6) ALLOW IN Anywhere (v6)
53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
40000:50000/tcp (v6) ALLOW IN Anywhere (v6)
990/tcp (v6) ALLOW IN Anywhere (v6)
netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres
tcp6 0 0 :::8080 :::* LISTEN 3236/java
tcp6 0 0 :::22 :::* LISTEN 1269/sshd
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java
tcp6 0 0 :::8009 :::* LISTEN 3236/java
/etc/vsftpd.userlist
has only 1 line with local username for ftp login access
ubuntu vsftpd
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...
running ubuntu: 16.04.3 LTS
running vsftpd: 3.0.3
Things that ARE working (using lftp as client, TLS connection)
- validation locally from 127.0.0.1
- validation locally from local server IP address (172.31.26.169)
Unable to connect from any external client using exact same syntax for lftp client.
lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"
Supporting information
/etc/vsftpd.conf
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
user_sub_token=$USER
local_root=/home/$USER/ftp
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
debug_ssl=YES
#implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
log_ftp_protocol=YES
require_cert=NO
ufw status verbose
Status: active
Logging: on (high)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
8080 ALLOW IN Anywhere
22 ALLOW IN Anywhere
54.210.201.141 22/tcp ALLOW IN Anywhere
80,443,8080/tcp ALLOW IN Anywhere
53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
20/tcp ALLOW IN Anywhere # ftp
21/tcp ALLOW IN Anywhere # ftp
22/tcp ALLOW IN Anywhere # port 22 for ssh
40000:50000/tcp ALLOW IN Anywhere
990/tcp ALLOW IN Anywhere
8080 (v6) ALLOW IN Anywhere (v6)
22 (v6) ALLOW IN Anywhere (v6)
80,443,8080/tcp (v6) ALLOW IN Anywhere (v6)
53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
40000:50000/tcp (v6) ALLOW IN Anywhere (v6)
990/tcp (v6) ALLOW IN Anywhere (v6)
netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres
tcp6 0 0 :::8080 :::* LISTEN 3236/java
tcp6 0 0 :::22 :::* LISTEN 1269/sshd
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java
tcp6 0 0 :::8009 :::* LISTEN 3236/java
/etc/vsftpd.userlist
has only 1 line with local username for ftp login access
ubuntu vsftpd
Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...
running ubuntu: 16.04.3 LTS
running vsftpd: 3.0.3
Things that ARE working (using lftp as client, TLS connection)
- validation locally from 127.0.0.1
- validation locally from local server IP address (172.31.26.169)
Unable to connect from any external client using exact same syntax for lftp client.
lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"
Supporting information
/etc/vsftpd.conf
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
user_sub_token=$USER
local_root=/home/$USER/ftp
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
debug_ssl=YES
#implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
log_ftp_protocol=YES
require_cert=NO
ufw status verbose
Status: active
Logging: on (high)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
8080 ALLOW IN Anywhere
22 ALLOW IN Anywhere
54.210.201.141 22/tcp ALLOW IN Anywhere
80,443,8080/tcp ALLOW IN Anywhere
53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
20/tcp ALLOW IN Anywhere # ftp
21/tcp ALLOW IN Anywhere # ftp
22/tcp ALLOW IN Anywhere # port 22 for ssh
40000:50000/tcp ALLOW IN Anywhere
990/tcp ALLOW IN Anywhere
8080 (v6) ALLOW IN Anywhere (v6)
22 (v6) ALLOW IN Anywhere (v6)
80,443,8080/tcp (v6) ALLOW IN Anywhere (v6)
53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
40000:50000/tcp (v6) ALLOW IN Anywhere (v6)
990/tcp (v6) ALLOW IN Anywhere (v6)
netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres
tcp6 0 0 :::8080 :::* LISTEN 3236/java
tcp6 0 0 :::22 :::* LISTEN 1269/sshd
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java
tcp6 0 0 :::8009 :::* LISTEN 3236/java
/etc/vsftpd.userlist
has only 1 line with local username for ftp login access
ubuntu vsftpd
edited Jan 4 at 19:32
jayhendren
5,09721341
5,09721341
asked Jan 4 at 19:20
Ralph Sr
11
11
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f414834%2fubuntu-vsftpd-not-connecting%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password