NiyasHussain.com

If “530 Login authentication failed ” while trying to connet ftp .

Then,

1)change to proftpd
2)Synchronize FTP Passwords

3) /scripts/ftpup –force

/scripts/updateuserdomains

/scripts/ftpupdate

Setting up an FTP server is very simple. The steps are as follows
—————————————————————–

* Download the rpm.
* Install the rpm.
* Edit the .conf file.
* Start the ftp server.
* Test the connection.

Download the RPM
—————-

There are many ftp servers available for Linux. Most ftp servers do the same thing so the choice is really up to you. The ftp server that I like to use is vsftpd. The rpm is usually available from the installation discs or can be downloaded from rpmfind or just use google. vsftpd is used by many large companies as the ftp server of choice and is very secure (it’s part of the name so it must be true, right?).

Install the ftp server.
———————–

First check to see if VSFTPD is already installed on your machine, this is easily done by using:

root@cartman> rpm -q vsftpd

The system will tell you if the server is installed or not. If you get this message ‘package vsftpd is not installed’ then you will need to install the ftp server.

First download the latest version of VSFTPD from your preferred mirror and save it to e.g. /tmp on the server. The ftp directory structure required for your repository is unlikely to exist yet so you will need to create the repository directories that you planned out above, for example:

root@cartman> mkdir -p /var/ftp/pub/9/updates/

(the -p flag tells mkdir to create the whole tree of directories as required).

To install/upgrade the ftp server run the following as root:

root@cartman>rpm -Uvh /tmp/vsftpd-1.1.3-8.i386.rpm

Note that one will want this rpm to be in a repository the server itself uses to yum update from in the long run. It is very likely to be in a primary distribution repository you mirror, but you may have to put it in a local/update repository you maintain yourself from some other source.

(You can of course use rpm -ivh vsftpd-1.1.3-8.i386.rpm to install the package if the package is not already installed. The flag -U is for upgrade and -i is for install. No big deal, they will both work if the package does not exist on your system, IMHO -U is just better practise. It is not a good idea to use rpm -i if a previous version of the package already exists on your system.)

Edit the vsftpd.conf file
————————-

After the ftp package has been installed you will need to edit the vsftp.conf file. This is usually found at /etc/vsftpd/vsftpd.conf. If it is not here then just run:

jdip@cartman>rpm -ql vsftpd

and look in the list where the .conf file is. To edit the .conf file you can use kate, gedit, vi or any other text editor. This is the configuration file for the ftp server. You will need to be root to change the file:

root@cartman>vi /etc/vftp/vsftp.conf

If your network is secure and behind a firewall then you can leave the following option in the .conf file. This option allows for anonymous ftp access to your server:

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES

You can also change the welcome message of the ftp server.

# You may fully customise the login banner string:
ftpd_banner=Welcome to yum FTP service.

If you want increased security for your ftp server then set the flag anonymous_enable=NO. This will force the user to log into the ftp server to get access to the packages. If you want to use this option then you will need to create a yum user on the server that can be used by the yum client to access the server. It is prudent to make users log into the ftp server, but if this is your private server then it may not be necessary.

Save the .conf file.

You will need to (re)start the service to activate the changes to the ftp server (see next section).

Start the server
—————-

If you installed VSFTPD from the rpm then VSFTPD can be started as a service:

root@cartman>service vsftpd restart

You should get this message:

Shutting down vsftpd: [ OK ] or [ FAILED ]
Starting vsftpd for vsftpd: [ OK ]

You will want your ftp server to start every time you start Linux so it is also prudent to run:

root@cartman>chkconfig vsftpd on
root@cartman>chkconfig –list vsftpd

You should get a message that looks like this:

vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Your ftp server will now start every time you start Linux on this machine. The ftp server is up and waiting for connections.

Testing the FTP server
———————-

It is a good idea to test that the ftp server is working correctly. This is easily done by logging onto the ftp server:

jdip@cartman>ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
220 Welcome to yum FTP service.
Name (127.0.0.1:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

If you type ls at the prompt you will see that you are in the ‘pub’ directory. This is /var/ftp/pub. This path (and the full path of the repository you’re setting up) are important to remember for when you use rsync to build the mirrors, for when you use yum-arch to “yummify” the repository (see below), and for setting up a local yum.conf for your local clients so that they can update from this ftp-based repository.

That is it. The ftp server is running and waiting for connections. Skip ahead to where it describes how to get and install yum and yummify the repository.

ALTERNATIVE STEP
—————-

#yum install ftpserver

CREATE FTP USER TO A DIRECTORY
——————————-

#useradd -d “directory name” user_name
#passwd user_name

COMMANDS
——–

[root@bigboy tmp]# /etc/init.d/vsftpd start
[root@bigboy tmp]# /etc/init.d/vsftpd stop
[root@bigboy tmp]# /etc/init.d/vsftpd restart

[root@bigboy tmp]# chkconfig vsftpd on

root@u-bigboy:/tmp# sysv-rc-conf on

Testing the Status of VSFTPD
——————————

[root@bigboy root]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@bigboy root]#

FTP Security Issues
———————

FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File

For added security, you may restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, it is a good idea to let these entries remain and add new entries for additional security.

Anonymous Upload
—————–

If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:

[root@bigboy tmp]# mkdir /var/ftp/pub/upload
[root@bigboy tmp]# chmod 722 /var/ftp/pub/upload

FTP Greeting Banner
——————-

Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.

ftpd_banner= New Banner Here

Troubleshooting FTP
———————-

You should always test your FTP installation by attempting to use an FTP client to log in to your FTP server to transfer sample files.

The most common sources of day-to-day failures are incorrect usernames and passwords.

Initial setup failures could be caused by firewalls along the path between the client and server blocking some or all types of FTP traffic. Typical symptoms of this are either connection timeouts or the ability to use the ls command to view the contents of a directory without the ability to either upload or download files. Follow the firewall rule guidelines to help overcome this problem. Connection problems could also be the result of typical network issues outlined in Chapter 4, “Simple Network Troubleshooting”.
Tutorial

FTP has many uses, one of which is allowing numerous unknown users to download files. You have to be careful, because you run the risk of accidentally allowing unknown persons to upload files to your server. This sort of unintended activity can quickly fill up your hard drive with illegal software, images, and music for the world to download, which in turn can clog your server’s Internet access and drive up your bandwidth charges.
FTP Users with Only Read Access to a Shared Directory

In this example, anonymous FTP is not desired, but a group of trusted users need to have read only access to a directory for downloading files. Here are the steps:

1) Disable anonymous FTP. Comment out the anonymous_enable line in the vsftpd.conf file like this:

# Allow anonymous FTP?
anonymous_enable=NO

2) Enable individual logins by making sure you have the local_enable line uncommented in the vsftpd.conf file like this:

# Uncomment this to allow local users to log in.
local_enable=YES

3) Start VSFTP.

[root@bigboy tmp]# service vsftpd start

4) Create a user group and shared directory. In this case, use /home/ftp-users and a user group name of ftp-users for the remote users

[root@bigboy tmp]# groupadd ftp-users
[root@bigboy tmp]# mkdir /home/ftp-docs

5) Make the directory accessible to the ftp-users group.

[root@bigboy tmp]# chmod 750 /home/ftp-docs
[root@bigboy tmp]# chown root:ftp-users /home/ftp-docs

6) Add users, and make their default directory /home/ftp-docs

[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user1
[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user2
[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user3
[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user4
[root@bigboy tmp]# passwd user1
[root@bigboy tmp]# passwd user2
[root@bigboy tmp]# passwd user3
[root@bigboy tmp]# passwd user4

7) Copy files to be downloaded by your users into the /home/ftp-docs directory

Change the permissions of the files in the /home/ftp-docs directory for read only access by the group

[root@bigboy tmp]# chown root:ftp-users /home/ftp-docs/*
[root@bigboy tmp]# chmod 740 /home/ftp-docs/*

Users should now be able to log in via FTP to the server using their new usernames and passwords. If you absolutely don’t want any FTP users to be able to write to any directory, then you should set the write_enable line in your vsftpd.conf file to no:

write_enable = NO

Remember, you must restart VSFTPD for the configuration file changes to take effect.

What is FTP?

FTP (File Transfer Protocol) allows a person to transfer files
between two computers, generally connected via the Internet. If
your system has FTP and is connected to the Internet, you can
access very large amounts of files available on a great number of
computersystems. If you are on Bitnet or a UUCP host, you should
look for servers that work through electronic mail (e-mail). A
good source of information on archives in general, is the Usenet
newsgroup comp.archives. When using FTP, you use a program, called
a ‘client’ to connect to a machine that holds the files, a ’server’.

What is Anonymous FTP?

Many computersystems throughout the Internet offer files through
anonymous FTP. This means that you can access a machine
without having to have an account on that machine (i.e. you don’t
have to be an official user of the system). These anonymous FTP
servers contain software, documents of various sorts, files
for configuring networks, graphic images, songlyrics and all sorts
of other information. Archives for electronic mailing lists are
often stored on and are available through anonymous FTP. An
enormous amount of information is stored on these machines and is
ready for anyone who’s seeking it.

Note that all this is subject to change, it is a privilege
and the person responsible for the machine can shut it down
at any time without you being able to do anything about it.

Commands

All the normal FTP commands may be used to retrieve files. Some
FTP commands are the same on different computers, but others
are not. Also, some of the ftp sites offer custom commands like
getting a directory with one command, ‘regetting’ a file or searching
of directories. Read the relevant README files on the site itself
for the ’special access features’.
Usually, FTP will list the commands if you type ‘help’ or type a
question mark (?). Also, your computer’s help command may have
information about FTP. Try ‘man ftp’, ‘man ftpd’, ‘help ftp’,
‘ftp /?’, ‘ftp -?’ or ‘ftp /h’ (all these to be typed without
quotes).

Some useful commands available on most systems include:

ascii Switch to ascii mode. Ascii mode is the default mode
and used for transferring text files
binary Switch to binary mode. For transferring binary files
like .ZIP files, .Z files and the like
cd Change the directory on the remote computer
dir List the files in the current directory on the remote
computer.
ls Same as ‘dir’, but shows less information sometimes.
get Copy a file from the remote computer to yours
hash Puts a ‘#’ on the screen for every of bytes
transferred. is 1024 in some cases, 2048 in others
but is between 1024 and 4096 in most cases.
Check the ftp ‘help’ function for more info on the number for
your clientprogram.
help Gives help on the use of commands within the ftp program
lcd Change the directory on your computer (the ‘l’ is for local)
lpwd Shows the present working directory (pwd) on your
computer (the ‘l’ is for local). Note: this may not
work on all machines. On a Unix machine, try !pwd
if lwpd doesn’t work.
mget Copy multiple files from the remote computer to yours
pwd Shows the present working directory (pwd) on the
remote computer

Procedure

Anonymous FTP is a facility offered by many machines on the
Internet. This permits you to log in with the user name ‘anonymous’
or the user name ‘ftp’. When prompted for a password, type your e-mail
address — it’s not necessary, but it’s a courtesy for those
sites that like to know who is making use of their facility. Be
courteous. Some sites require a valid e-mail address, others don’t.

You can then look around and retrieve files. (Most anonymous ftp
sites do not permit people to store files). Note that when you
retrieve files, you have to know where the files are going to
end up on your machine. This is where the ‘lpwd’ command comes
in handy. Also note that when you have transferred a file that
you want to use on your PC, but you run ftp from a Unix machine
(or a similar mainframe or network machine), you will have to ftp
the file from the Unix machine to your PC first (this is assuming
that you can’t ftp to outside your company or campus from your PC,
otherwise you could have gotten the file directly to the PC).
This may sound silly, but sometimes people don’t know where their
files are stored or a system administrator decides to give ftp
access to only a few systems.

Typically, a directory called ‘pub’ is where the interesting
things are stored. Some sites will have a file with a name
like ls-lR, that contains a complete list of the files on
that site. Otherwise, you can type ls -lR and get such a listing
– for some sites, this can take a LONG time (the size of the
resulting file can be anywhere between approximately 2000 bytes
and 25Mb).

When retrieving non-text files, you must use binary mode,
otherwise the file gets messed up. To do this, use the
‘binary’ command. (It’s safe to set this for text files, but
the result might look a bit different from an ASCII transfer)
If the site at the other end is non-Unix, you may need to
use some other mode — see the documents or README files
for that site and for FTP (common other modes, are LZ for
VAX Multinet servers, tenex or image for some others).

The simplest way to initiate FTP would be to give the command
‘ftp ‘. The is the remote
system you are connecting to, either a name like garbo.uwasa.fi,
if you have an entry in /etc/hosts or are accessing a Domain
Name Server or the Internet address 193.166.120.5 for Garbo. If
that last sentence doesn’t seem to make sense just try: ftp
garbo.uwasa.fi or ftp 193.166.120.5 and look what happens.
After a short wait, you will be prompted for your username. If
you do not have an account on the remote system, some systems
allow you to use ‘anonymous’. This gives you a restricted
access path (meaning that you can only run certain commands
like ‘dir’ or ‘ls’ and are allowed only access to certain
directories like ‘pub’).

You would then be prompted for a password. Some systems will
tell you to send your real identity as the password. What you
type doesn’t matter in most cases, but it is suggested to give
your e-mail address. This as a courtesy to the archive maintainers,
who would like to know who’s using their system. Other systems
need a password of ‘guest’, or something similar.
DO NOT TYPE A PASSWORD THAT YOU USE ON YOUR OWN SYSTEM!

After that, you should receive the FTP prompt ( usually ftp> )
and have access. You can get a directory of files by giving a
‘dir’ command. If the remote system is Unix-based and dir does
not work, try ‘ls -l’ for an MS-DOS like output.
On Garbo, there is a file available in the default anonymous ftp
directory that explains what Garbo is and where files are located.
Look for 00-index.txt or README files or some similar name.

Command
———-
ftp test.com

username : anonymous
password : guest or your email id