Marcus Hall

User Tools

Site Tools

Trace: virus browsers neo4j encryption ldap technical analysisandtesting htaccess ipv6 pfsense
software:linux:vsftpd

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
software:linux:vsftpd [2017/10/29 04:56] superwizardsoftware:linux:vsftpd [2024/02/10 04:48] (current) – [Find passive mode port from log] superwizard
Line 1: Line 1:
 +====== explorer only supports plain FTP, not encrypted ======
 +
 +
 +<WRAP center round box >
 +2024-02-08
 +
 +vsftpd
 +
 +Sadly explorer only supports plain FTP, not encrypted
 +
 +From <https://www.reddit.com/r/techsupport/comments/uvzhwy/ftp_with_tls_on_windows_explorer/> 
 +
 +You must use other applications such as Filezilla or WinSCP for this type of connections and make the transfers, edits and deletions that you want.
 +For this you have to change two parameters of vsftpd.conf
 +    force_local_data_ssl=NO 
 +    force_local_logins_ssl=NO
 +
 +From <https://askubuntu.com/questions/1166871/ftp-server-with-tls-does-not-work-in-windows-file-explorer-and-browsers> 
 +
 +
 +</WRAP>
 +
 +
 +====== Find passive mode port from log ======
 +
 +
 +<WRAP center round box >
 +
 +from what I understand the port is aquired by multiplying the 5th octet next to ---> PORT with 256 then adding the 6th octet to that. So the LAN client is connecting on port (196*256)+33 = 50179 While the WAN client is connecting on port (235*256)+162 = 60322
 +
 +https://askubuntu.com/questions/1013520/vsftpd-not-respecting-passive-settings-in-config
 +
 +
 +</WRAP>
 +
 +
 ====== setup of second vsftpd with different port ====== ====== setup of second vsftpd with different port ======
  
Line 21: Line 57:
 WantedBy=multi-user.target WantedBy=multi-user.target
  
 +
 +Second vsftpd_2.conf
 +listen=YES
 +anonymous_enable=NO
 +local_enable=YES
 +write_enable=YES
 +dirmessage_enable=YES
 +use_localtime=YES
 +xferlog_enable=YES
 +connect_from_port_20=YES
 +listen_port=21
 +user_sub_token=$USER
 +pasv_enable=YES
 +pasv_min_port=40101
 +pasv_max_port=40200
 +#pasv_address=1.1.1.1
 +userlist_enable=YES
 +userlist_file=/etc/vsftpd.userlist
 +userlist_deny=NO
 +
 +# This option should be the name of a directory which is empty.  Also, the
 +# directory should not be writable by the ftp user. This directory is used
 +# as a secure chroot() jail at times vsftpd does not require filesystem
 +# access.
 +secure_chroot_dir=/var/run/vsftpd/empty
 +#
 +# This string is the name of the PAM service vsftpd will use.
 +pam_service_name=vsftpd
 +#
 +# This option specifies the location of the RSA certificate to use for SSL
 +# encrypted connections.
 +#rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
 +#rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
 +#ssl_enable=NO
 +
 +#
 +# Uncomment this to indicate that vsftpd use a utf8 filesystem.
 +#utf8_filesystem=YES
 +
 +
 +Ubuntu
 +load the systemd service file to:
 +
 +/lib/systemd/system
 +
 +[Unit]
 +Description=vsftpd FTP server
 +After=network.target
 +
 +[Service]
 +Type=simple
 +ExecStart=/usr/sbin/vsftpd /etc/vsftpd_internal_21.conf
 +ExecReload=/bin/kill -HUP $MAINPID
 +ExecStartPre=-/bin/mkdir -p /var/run/vsftpd/empty
 +
 +[Install]
 +WantedBy=multi-user.target
  
 </code> </code>
software/linux/vsftpd.1509253002.txt.gz · Last modified: by superwizard