ubuntu vsftpd not connecting

Multi tool use
Multi tool use

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...



running ubuntu: 16.04.3 LTS



running vsftpd: 3.0.3




  1. Things that ARE working (using lftp as client, TLS connection)



    • validation locally from 127.0.0.1

    • validation locally from local server IP address (172.31.26.169)



  2. Unable to connect from any external client using exact same syntax for lftp client.



    lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"


Supporting information



/etc/vsftpd.conf



listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
user_sub_token=$USER
local_root=/home/$USER/ftp
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
debug_ssl=YES
#implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
log_ftp_protocol=YES
require_cert=NO


ufw status verbose



Status: active
Logging: on (high)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
-- ------ ----
8080 ALLOW IN Anywhere 
22 ALLOW IN Anywhere 
54.210.201.141 22/tcp ALLOW IN Anywhere 
80,443,8080/tcp ALLOW IN Anywhere 
53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
20/tcp ALLOW IN Anywhere # ftp
21/tcp ALLOW IN Anywhere # ftp
22/tcp ALLOW IN Anywhere # port 22 for ssh
40000:50000/tcp ALLOW IN Anywhere 
990/tcp ALLOW IN Anywhere 
8080 (v6) ALLOW IN Anywhere (v6) 
22 (v6) ALLOW IN Anywhere (v6) 
80,443,8080/tcp (v6) ALLOW IN Anywhere (v6) 
53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
40000:50000/tcp (v6) ALLOW IN Anywhere (v6) 
990/tcp (v6) ALLOW IN Anywhere (v6)


netstat -tlnp



Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd 
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres 
tcp6 0 0 :::8080 :::* LISTEN 3236/java 
tcp6 0 0 :::22 :::* LISTEN 1269/sshd 
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java 
tcp6 0 0 :::8009 :::* LISTEN 3236/java


/etc/vsftpd.userlist



has only 1 line with local username for ftp login access




ubuntu vsftpd




share|improve this question


























    up vote
    0
    down vote

    favorite












    Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...



    running ubuntu: 16.04.3 LTS



    running vsftpd: 3.0.3




    1. Things that ARE working (using lftp as client, TLS connection)



      • validation locally from 127.0.0.1

      • validation locally from local server IP address (172.31.26.169)



    2. Unable to connect from any external client using exact same syntax for lftp client.



      lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"


    Supporting information



    /etc/vsftpd.conf



    listen=YES
    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    dirmessage_enable=YES
    use_localtime=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    chroot_local_user=YES
    secure_chroot_dir=/var/run/vsftpd/empty
    pam_service_name=vsftpd
    rsa_cert_file=/etc/ssl/private/vsftpd.pem
    rsa_private_key_file=/etc/ssl/private/vsftpd.pem
    ssl_enable=YES
    allow_anon_ssl=NO
    force_local_data_ssl=YES
    force_local_logins_ssl=YES
    ssl_tlsv1=YES
    ssl_sslv2=NO
    ssl_sslv3=NO
    require_ssl_reuse=NO
    ssl_ciphers=HIGH
    user_sub_token=$USER
    local_root=/home/$USER/ftp
    pasv_min_port=40000
    pasv_max_port=50000
    userlist_enable=YES
    userlist_file=/etc/vsftpd.userlist
    userlist_deny=NO
    debug_ssl=YES
    #implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
    log_ftp_protocol=YES
    require_cert=NO


    ufw status verbose



    Status: active
    Logging: on (high)
    Default: deny (incoming), allow (outgoing), disabled (routed)
    New profiles: skip

    To Action From
    -- ------ ----
    8080 ALLOW IN Anywhere 
    22 ALLOW IN Anywhere 
    54.210.201.141 22/tcp ALLOW IN Anywhere 
    80,443,8080/tcp ALLOW IN Anywhere 
    53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
    20/tcp ALLOW IN Anywhere # ftp
    21/tcp ALLOW IN Anywhere # ftp
    22/tcp ALLOW IN Anywhere # port 22 for ssh
    40000:50000/tcp ALLOW IN Anywhere 
    990/tcp ALLOW IN Anywhere 
    8080 (v6) ALLOW IN Anywhere (v6) 
    22 (v6) ALLOW IN Anywhere (v6) 
    80,443,8080/tcp (v6) ALLOW IN Anywhere (v6) 
    53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
    20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
    21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
    22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
    40000:50000/tcp (v6) ALLOW IN Anywhere (v6) 
    990/tcp (v6) ALLOW IN Anywhere (v6)


    netstat -tlnp



    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd 
    tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd 
    tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres 
    tcp6 0 0 :::8080 :::* LISTEN 3236/java 
    tcp6 0 0 :::22 :::* LISTEN 1269/sshd 
    tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java 
    tcp6 0 0 :::8009 :::* LISTEN 3236/java


    /etc/vsftpd.userlist



    has only 1 line with local username for ftp login access




    ubuntu vsftpd




    share|improve this question
























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...



      running ubuntu: 16.04.3 LTS



      running vsftpd: 3.0.3




      1. Things that ARE working (using lftp as client, TLS connection)



        • validation locally from 127.0.0.1

        • validation locally from local server IP address (172.31.26.169)



      2. Unable to connect from any external client using exact same syntax for lftp client.



        lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"


      Supporting information



      /etc/vsftpd.conf



      listen=YES
      anonymous_enable=NO
      local_enable=YES
      write_enable=YES
      dirmessage_enable=YES
      use_localtime=YES
      xferlog_enable=YES
      connect_from_port_20=YES
      chroot_local_user=YES
      secure_chroot_dir=/var/run/vsftpd/empty
      pam_service_name=vsftpd
      rsa_cert_file=/etc/ssl/private/vsftpd.pem
      rsa_private_key_file=/etc/ssl/private/vsftpd.pem
      ssl_enable=YES
      allow_anon_ssl=NO
      force_local_data_ssl=YES
      force_local_logins_ssl=YES
      ssl_tlsv1=YES
      ssl_sslv2=NO
      ssl_sslv3=NO
      require_ssl_reuse=NO
      ssl_ciphers=HIGH
      user_sub_token=$USER
      local_root=/home/$USER/ftp
      pasv_min_port=40000
      pasv_max_port=50000
      userlist_enable=YES
      userlist_file=/etc/vsftpd.userlist
      userlist_deny=NO
      debug_ssl=YES
      #implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
      log_ftp_protocol=YES
      require_cert=NO


      ufw status verbose



      Status: active
      Logging: on (high)
      Default: deny (incoming), allow (outgoing), disabled (routed)
      New profiles: skip

      To Action From
      -- ------ ----
      8080 ALLOW IN Anywhere 
      22 ALLOW IN Anywhere 
      54.210.201.141 22/tcp ALLOW IN Anywhere 
      80,443,8080/tcp ALLOW IN Anywhere 
      53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
      20/tcp ALLOW IN Anywhere # ftp
      21/tcp ALLOW IN Anywhere # ftp
      22/tcp ALLOW IN Anywhere # port 22 for ssh
      40000:50000/tcp ALLOW IN Anywhere 
      990/tcp ALLOW IN Anywhere 
      8080 (v6) ALLOW IN Anywhere (v6) 
      22 (v6) ALLOW IN Anywhere (v6) 
      80,443,8080/tcp (v6) ALLOW IN Anywhere (v6) 
      53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
      20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
      21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
      22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
      40000:50000/tcp (v6) ALLOW IN Anywhere (v6) 
      990/tcp (v6) ALLOW IN Anywhere (v6)


      netstat -tlnp



      Active Internet connections (only servers)
      Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
      tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd 
      tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd 
      tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres 
      tcp6 0 0 :::8080 :::* LISTEN 3236/java 
      tcp6 0 0 :::22 :::* LISTEN 1269/sshd 
      tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java 
      tcp6 0 0 :::8009 :::* LISTEN 3236/java


      /etc/vsftpd.userlist



      has only 1 line with local username for ftp login access




      ubuntu vsftpd




      share|improve this question














      Fresh install of vsftpd is not accepting connections. I have got to be missing something simple, but I can't seem to figure it out. BTW lots of articles on this, read most of them...



      running ubuntu: 16.04.3 LTS



      running vsftpd: 3.0.3




      1. Things that ARE working (using lftp as client, TLS connection)



        • validation locally from 127.0.0.1

        • validation locally from local server IP address (172.31.26.169)



      2. Unable to connect from any external client using exact same syntax for lftp client.



        lftp -d -u username,password 172.31.26.169 -e "set ssl:verify-certificate false"


      Supporting information



      /etc/vsftpd.conf



      listen=YES
      anonymous_enable=NO
      local_enable=YES
      write_enable=YES
      dirmessage_enable=YES
      use_localtime=YES
      xferlog_enable=YES
      connect_from_port_20=YES
      chroot_local_user=YES
      secure_chroot_dir=/var/run/vsftpd/empty
      pam_service_name=vsftpd
      rsa_cert_file=/etc/ssl/private/vsftpd.pem
      rsa_private_key_file=/etc/ssl/private/vsftpd.pem
      ssl_enable=YES
      allow_anon_ssl=NO
      force_local_data_ssl=YES
      force_local_logins_ssl=YES
      ssl_tlsv1=YES
      ssl_sslv2=NO
      ssl_sslv3=NO
      require_ssl_reuse=NO
      ssl_ciphers=HIGH
      user_sub_token=$USER
      local_root=/home/$USER/ftp
      pasv_min_port=40000
      pasv_max_port=50000
      userlist_enable=YES
      userlist_file=/etc/vsftpd.userlist
      userlist_deny=NO
      debug_ssl=YES
      #implicit_ssl=YES (This setting causes 127.0.0.1 login testing to fail)
      log_ftp_protocol=YES
      require_cert=NO


      ufw status verbose



      Status: active
      Logging: on (high)
      Default: deny (incoming), allow (outgoing), disabled (routed)
      New profiles: skip

      To Action From
      -- ------ ----
      8080 ALLOW IN Anywhere 
      22 ALLOW IN Anywhere 
      54.210.201.141 22/tcp ALLOW IN Anywhere 
      80,443,8080/tcp ALLOW IN Anywhere 
      53 ALLOW IN Anywhere # open tcp and udp port 53 for dns
      20/tcp ALLOW IN Anywhere # ftp
      21/tcp ALLOW IN Anywhere # ftp
      22/tcp ALLOW IN Anywhere # port 22 for ssh
      40000:50000/tcp ALLOW IN Anywhere 
      990/tcp ALLOW IN Anywhere 
      8080 (v6) ALLOW IN Anywhere (v6) 
      22 (v6) ALLOW IN Anywhere (v6) 
      80,443,8080/tcp (v6) ALLOW IN Anywhere (v6) 
      53 (v6) ALLOW IN Anywhere (v6) # open tcp and udp port 53 for dns
      20/tcp (v6) ALLOW IN Anywhere (v6) # ftp
      21/tcp (v6) ALLOW IN Anywhere (v6) # ftp
      22/tcp (v6) ALLOW IN Anywhere (v6) # port 22 for ssh
      40000:50000/tcp (v6) ALLOW IN Anywhere (v6) 
      990/tcp (v6) ALLOW IN Anywhere (v6)


      netstat -tlnp



      Active Internet connections (only servers)
      Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
      tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23158/vsftpd 
      tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd 
      tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1377/postgres 
      tcp6 0 0 :::8080 :::* LISTEN 3236/java 
      tcp6 0 0 :::22 :::* LISTEN 1269/sshd 
      tcp6 0 0 127.0.0.1:8005 :::* LISTEN 3236/java 
      tcp6 0 0 :::8009 :::* LISTEN 3236/java


      /etc/vsftpd.userlist



      has only 1 line with local username for ftp login access





      ubuntu vsftpd





      share|improve this question













      share|improve this question




      share|improve this question








      edited Jan 4 at 19:32









      jayhendren

      5,09721341




      5,09721341










      asked Jan 4 at 19:20









      Ralph Sr

      11




      11

























          active

          oldest

          votes











          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );








           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f414834%2fubuntu-vsftpd-not-connecting%23new-answer', 'question_page');

          );

          Post as a guest






















          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes










           

          draft saved


          draft discarded


























           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f414834%2fubuntu-vsftpd-not-connecting%23new-answer', 'question_page');

          );

          Post as a guest
































































          6Ys6GywS1H ARB4c9dE9t1j 177AuF4WmMd xXlb uV bo1gqZVVsXCv7nXeSa,c1t5,khykboiMB4zc0jd,F QA wBMB
          -
          39Urcp8 zVc1R0VxNylP,dpuUn XjcK,3H,E99LXLCZmFZn4uPGwBCS,zTS3vt77qDgQZ,JKbt

          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Image
          Clash Royale CLAN TAG #URR8PPP up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Sep 26 at 0:12 ToanLuong 49 9 add a comment  |  up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this questi...
          Read more

          How many registers does an x86_64 CPU actually have?

          Image
          Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite I am currently learning reverse engineering and am studying the flags register. I had in my mind that rflags was just another name for one of the 16 general purpose registers, for example rax or rbx . But it looks like rflags is actually an additional register. So that makes 17 registers in total... how many more could there be? I have spent at least an hour on this and found numerous different answers. The best answer so far is this, which says that there are 40 registers in total. 16 General Purpose Registers 2 Status Registers 6 Code Segment Registers 16 SSE Registers 8 FPU/MMX Registers But if I add that up, I get 48. Could anybody provide an official answer on how many registers an x86_64 CPU has (e.g. an Intel i7). Additionally, I have seen references to 'hardware' and 'architectural' registers. What are those registers and how many are there? register x86-64 share | improve this...
          Read more

          Displaying single band from multi-band raster using QGIS

          Image
          Clash Royale CLAN TAG #URR8PPP 1 How can I extract a single band from multi-band raster in QGIS? I have an remote sensed image which has 6 bands (including NDVI band), I want to display each band separately, but have no idea how to do. I have seen some questions similar here but none worked for me. The original image (has 6 bands) is: I want to display the band 6 which should be like this: But I tried gdal_translate, and couldn't get the correct result. What I have got is: qgis raster multi-band share | improve this question edited Mar 5 at 0:53 Summer asked Mar 4 at 6:42 Summer Summer 23 6 Is this any help gis.stackexchange.com/questions/220658/… ? if not gis.stackexchange.com/questions/62133/… might help. – Michael Stimson Mar 4 at 6:46 Thanks for answering but when I used gdal_translate, qgis showed that 'Error 4: Kayena.tif: No such file or directory". Would you know how to fi...
          Read more