Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

help with setup a ftp server on linux vps with nginx! - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

help with setup a ftp server on linux vps with nginx!

2»

Comments

  • WunderbarWunderbar Member
    edited December 2012

    @Wintereise said: There's a mode called passive, use it. Morons complaining about for no reason.

    A bit further:

    So it's a good thing we have passive mode, right? A client behind a NAT can tell the server to make up a random port, listen on it, and advertise it to the client. The client can then make a second connection, which the NAT will handle properly.

    And then:

    That is, unless the server is also firewalled.
    But when a passive-mode FTP client makes a connection to a NATted server, things don't go so well! The server chooses a random port and says to the client, "connect to me on IP 10,11,12,13 PORT 14,15". But alas, the server's IP address is non-routable! The client can't connect to that IP address.

    Which can be the problem @johanc, @jarland and others are having.

  • sleddogsleddog Member

    A common FTP-authentication pitfall is trying to login via FTP as a user that doesn't have a valid shell. And I don't mean a login-shell like /bin/bash :)

    For example, on Debian create a user "tom" with a home directory, a password, and assign "/bin/false" as the shell, so that tom can't login via SSH. Install and setup vsftpd. You'll find that tom can't login via FTP ....

    The solution is simple but not that obvious... /bin/false exists, but isn't in the list of recognized shells (/etc/shells).

     [root@vps] echo /bin/false >> /etc/shells

    Now tom can login.

    Different distros handle this differently. And control panels usually resolve it for you.

  • WintereiseWintereise Member
    edited December 2012

    @wunderbear I agree, but most clients actually try to fix that automatically (I know Filezilla does)

    Besides, setting up a daemon isn't exactly meant to be elementary knowledge, you should know a thing or two before even heading in that direction.

    All I'm saying is that the complete hate on FTP and 'love' for SFTP is baffling (and without reason, for the most part).

    Another thing, PAM for FTP is simple, but if you need them, a plethora of other login methods exist for virtually every ftp server too. (Pure can do mysql, or even raw shell.)

    Sure, SFTP is more secure, but you don't need that everywhere.

    Same argument as Layer 2 / Layer 3 for OpenVPN, sure, it works - but why deliberately introduce overhead for absolutely no reason?

Sign In or Register to comment.