Differences

This shows you the differences between two versions of the page.

--- software:linux:vsftpd [2016/11/13 18:57] – superwizard
+++ software:linux:vsftpd [2024/02/10 04:48] (current) – [Find passive mode port from log] superwizard
@@ Line 1: / Line 1: @@
-Good Overview
+====== explorer only supports plain FTP, not encrypted ======
+<WRAP center round box >
+-02-08
+vsftpd
+Sadly explorer only supports plain FTP, not encrypted
+From <https://www.reddit.com/r/techsupport/comments/uvzhwy/ftp_with_tls_on_windows_explorer/>
+You must use other applications such as Filezilla or WinSCP for this type of connections and make the transfers, edits and deletions that you want.
+For this you have to change two parameters of vsftpd.conf
+    force_local_data_ssl=NO
+    force_local_logins_ssl=NO
+From <https://askubuntu.com/questions/1166871/ftp-server-with-tls-does-not-work-in-windows-file-explorer-and-browsers>
+</WRAP>
+====== Find passive mode port from log ======
+<WRAP center round box >
+from what I understand the port is aquired by multiplying the 5th octet next to ---> PORT with 256 then adding the 6th octet to that. So the LAN client is connecting on port (196*256)+33 = 50179 While the WAN client is connecting on port (235*256)+162 = 60322
+https://askubuntu.com/questions/1013520/vsftpd-not-respecting-passive-settings-in-config
+</WRAP>
+====== setup of second vsftpd with different port ======
+From: http://0pointer.de/blog/projects/systemd-for-admins-3.html
+Also: http://0pointer.de/blog/projects/systemd-for-admins-2.html
+How Do I Convert A SysV Init Script Into A systemd Service File?
+<code>
+From the information extracted above we can now write our systemd service file:
+[Unit]
+Description=Daemon to detect crashing apps
+After=syslog.target
+[Service]
+ExecStart=/usr/sbin/abrtd
+Type=forking
+[Install]
+WantedBy=multi-user.target
+Second vsftpd_2.conf
+listen=YES
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+dirmessage_enable=YES
+use_localtime=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+listen_port=21
+user_sub_token=$USER
+pasv_enable=YES
+pasv_min_port=40101
+pasv_max_port=40200
+#pasv_address=1.1.1.1
+userlist_enable=YES
+userlist_file=/etc/vsftpd.userlist
+userlist_deny=NO
+# This option should be the name of a directory which is empty.  Also, the
+# directory should not be writable by the ftp user. This directory is used
+# as a secure chroot() jail at times vsftpd does not require filesystem
+# access.
+secure_chroot_dir=/var/run/vsftpd/empty
+#
+# This string is the name of the PAM service vsftpd will use.
+pam_service_name=vsftpd
+#
+# This option specifies the location of the RSA certificate to use for SSL
+# encrypted connections.
+#rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+#rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+#ssl_enable=NO
+#
+# Uncomment this to indicate that vsftpd use a utf8 filesystem.
+#utf8_filesystem=YES
+Ubuntu
+load the systemd service file to:
+/lib/systemd/system
+[Unit]
+Description=vsftpd FTP server
+After=network.target
+[Service]
+Type=simple
+ExecStart=/usr/sbin/vsftpd /etc/vsftpd_internal_21.conf
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStartPre=-/bin/mkdir -p /var/run/vsftpd/empty
+[Install]
+WantedBy=multi-user.target
+</code>
+====== vsftpd and pasv_address ======
+From : https://superuser.com/questions/819181/vsftpd-returns-wrong-pasv-address
+<code>
+pasv_addr_resolve=YES
+Then you should be able to put a hostname instead of an IP address as the pasv_address. pasv_addr_resolv defaults to NO.
+</code>
+====== Good Overview ======
 From: https://help.ubuntu.com/community/vsftpd