Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


FTP not working on dedicated servers, Virtualmin. But work with Windows & VPS
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

FTP not working on dedicated servers, Virtualmin. But work with Windows & VPS

I must ask again. I have a really strange issue, and I can't seem to find any solution to it.
I have always used Virtualmin/Webmin on my servers and have created a auto setup file with all my settings etc, that I use on any new VPS.
I have VPS from Vultr, DO and lots of VPSs on my Hetzner servers, there I'm using Hyper-V.
Never had any issues.

But when I started using my Kimsufi servers, I can not get an FTP connection at all.
Get this error message:
Status: Resolving address of xxxxxx.xyxkxn.com Status: Connecting to 91.xxx.xx.xx:21... Status: Connection attempt failed with "ECONNREFUSED - Connection refused by server". Error: Could not connect to server

The strange this is that Port 21 is open in Firewall, and it's working out from the server, but I can't connect in to the server.
I have tried lots of my servers (I have 19), I have tried with CentOS 6.8 that I normally uses, I have tried with CentOS 7.2, I have tried with my setup script, and I have tried just to do a clean install of Virtualmin direct from their site on clean servers.

If I use Windows and FileZilla FTP server on the same servers, FTP works without any issues. So they are not blocking the 21 port.
I also have a hostname on the server that I have in my DNS setup, so the name has the correct IP to the server.

SSH/SFTP (in FileZilla) is working on the Linux servers that FTP don't work on. But it is a pain in the a**, since I have restricted access in sshd_config with username and IP. So then I have to add every FTP user and every IP I use for FTP.

Why is this only happening on dedicated servers from Kimusufi and not VPS servers?

I must also say that in Virtualmin the Pro FTP server is running without any issues, still I can't connect to it.

Comments

  • MakenaiMakenai Member
    edited August 2016

    Check if the proftpd daemon is listening on the port 21 by running
    sudo netstat -tulpn

    Does your server have IPv6 configured? I've seen a few daemons (i.e tftpd) which listens only to IPv6 by default.

  • @Makenai said:
    Check if the proftpd daemon is listening on the port 21 by running
    sudo netstat -tulpn

    Does your server have IPv6 configured? I've seen a few daemons (i.e tftpd) which listens only to IPv6 by default.

    I have not configured IPv6, but the servers comes with IPv6. and for your first question, the port 21 is not showing up in the list, but it does on one of my random VPS server.

    How can I fix this?

  • Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:xxxx 0.0.0.0:* LISTEN 31815/sshd tcp 0 0 0.0.0.0:xxxx 0.0.0.0:* LISTEN 3016/mysqld tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1549/perl tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1448/postmaster tcp 0 0 0.0.0.0:20000 0.0.0.0:* LISTEN 1542/perl tcp 0 0 :::xxxx :::* LISTEN 31815/sshd tcp 0 0 :::2222 :::* LISTEN 11469/proftpd tcp 0 0 :::80 :::* LISTEN 1480/httpd tcp 0 0 :::443 :::* LISTEN 1480/httpd udp 0 0 0.0.0.0:110 0.0.0.0:* 917/portreserve udp 0 0 0.0.0.0:143 0.0.0.0:* 917/portreserve udp 0 0 0.0.0.0:783 0.0.0.0:* 917/portreserve udp 0 0 0.0.0.0:993 0.0.0.0:* 917/portreserve udp 0 0 0.0.0.0:995 0.0.0.0:* 917/portreserve udp 0 0 0.0.0.0:10000 0.0.0.0:* 1549/perl udp 0 0 0.0.0.0:20000 0.0.0.0:* 1542/perl

    What is that 2222 port? I tried to open the firewall and connect with FTP. But then I get

    Status: Connection established, waiting for welcome message... Response: SSH-2.0-mod_sftp/0.9.7 Error: Cannot establish FTP connection to an SFTP server. Please select proper protocol. Error: Critical error: Could not connect to server

  • ehabehab Member

    maybe you need to start the ftp service?

  • Pro FTP is running, and I have I tried to stop it, start it, and restart it. Nothings helps:

  • service vsftpd status?

  • myhkenmyhken Member
    edited August 2016

    @century1stop said:
    service vsftpd status?

    service vsftpd status vsftpd: unrecognized service

    but

    service proftpd status proftpd (pid 30172) is running...

  • ehabehab Member

    try

    service proftpd stop
    service vsftpd start
    
  • myhkenmyhken Member
    edited August 2016

    @ehab said:
    try

    service proftpd stop
    service vsftpd start
    

    I had to install vsftpd from yum. It's now running, but I get this error message in Filezilla:

    Status: Resolving address of xxxx.xyxkxn.com Status: Connecting to 91.xxx.xxx.xxx:21... Status: Connection established, waiting for welcome message... Status: Insecure server, it does not support FTP over TLS. Status: Logged in Status: Retrieving directory listing... Command: PWD Response: 257 "/home/xxxxxx" Command: TYPE I Response: 200 Switching to Binary mode. Command: PASV Response: 227 Entering Passive Mode (91,xxx,xxx,xxx,188,133). Command: LIST Error: Connection timed out after 20 seconds of inactivity Error: Failed to retrieve directory listing

  • ehabehab Member

    connection is fine, now looks like it needs configuration e.g. setting users/sharedir or if you use SELINUX then

    sudo setsebool -P allow_ftpd_full_access 1

  • if I'm not wrong filezilla/winscp only supports sftp
    try ftp localhost for both protocols

  • @ehab said:
    connection is fine, now looks like it needs configuration e.g. setting users/sharedir or if you use SELINUX then

    sudo setsebool -P allow_ftpd_full_access 1

    setsebool -P allow_ftpd_full_access 1 setsebool: SELinux is disabled.

    But why do I have to do all this on a dedicated server when virtualmin and ProFTP works 100% on any VPS?

  • @century1stop said:
    if I'm not wrong filezilla/winscp only supports sftp
    try ftp localhost for both protocols

    Can you tell me more? Do FileZilla client only work with sftp? I'm using FileZilla to connect to around 20 other VPS servers I have without any issues. It's only when I try to connect to a dedicated server I have issues. I only use Filezilla client on my computers. I using FileZilla server only on my Windows servers.

  • ehabehab Member

    this is why i don't use panels in the first place! it is hard to tell without logs and running some cmd's.

    if you run out of ideas you can try to reboot.

    Thanked by 1myhken
  • well, like I said, not certain. try ftp localhost using proftpd protocol, see if connection can be established

    Thanked by 1myhken
  • Have of course rebooted the server (all the servers). It's so strange, it work on everything, beside dedicated servers, and for now I only have Kimsufi servers I can test on.

  • Ovh uses own kernels with their installs which may use very restrictiv policies on how /sys and /dev are populated. I ran into issues with programs which run as unprivileged users but try reading from there...

    So I'd guess proftpd might run into something similar. Try to reinstall but check for using nativ kernel of your desired distro.

    Or at least for testing purposes run your proftpd as root to see if this makes the difference at all.

    Thanked by 1myhken
  • I have to decide how much time I will use on this. Since SFTP is working, and I just have to add the names and IP once, and since I mostly using FTP from the same computers, I can live with that. The Kernel thing can be the reason maybe, it's very strange that it just happen with Kimsufi servers. Tnx for all the help so far.

  • firewalls? Can you see the port using nmap or netcat?

    Thanked by 1myhken
  • @eastonch said:
    firewalls? Can you see the port using nmap or netcat?

    The firewall is not the issue. I tried to turn it off to be sure. And why should the firewall block FTP on just dedicated servers when I do a clean virtualmin install and not on a VPS when I do the same? I have used Virtualmin for 4-5 years now, never seen this issue with FTP.

  • Passive mode appears to be your issue.

    Response: 227 Entering Passive Mode (91,xxx,xxx,xxx,188,133).

    Change the server settings to disable Passive mode, or allow the passive ports on both ends of firewall. You could also force FileZilla into Active mode only.

    Thanked by 1myhken
  • FalzoFalzo Member
    edited August 2016

    myhken said: I have to decide how much time I will use on this.

    understandable. but consider this to most likely become an issue elsewhere in your setup too, which may cause you further time needing trouble you don't see yet coming.

    have a look at uname ­­̵a you'll see if it is not the normal kernel. and try a simple example: install vnstat and watch if it shows statistics after some minutes... if not it may not be able to read from /dev/net

    I'd guess webmin may also show weird things if not able to read around /dev ;-)

    Thanked by 1myhken
  • Could always wireshark the traffic and see what exactly goes wrong..

    Thanked by 1myhken
  • myhkenmyhken Member
    edited August 2016

    I not a totally noob when it comes to Linux, but I'm not an expert either. So I need to be spoon fed commands to test etc. After looking on several dedicated servers from Kimsufi, it seems like ProFTP gets port 2222, but I can't connect to that port without using SFTP. And when I use the port I only get
    Error: Connection timed out after 20 seconds of inactivity Error: Could not connect to server

  • if you can afford to start from scratch with your setup script - I'd strongly suggest to simply reinstall the server BUT check the box for 'custom setup' in the first step of the form in their control panel!

    then you'll be able to see the option 'use distribution kernel' in a later step of this and for sure choose that option too.

    otherwise their install routine will always use a ovh modified kernel...

    when using the native kernel from the distribution you are used to you should most likely overcome the problems you are experiencing.

    with your setup script I assume work load would be low on this way - at least if you're not having a bunch of data on it already.

    btw: I don't see any option for automatic renewal either with kimsufi...

    Thanked by 1myhken
  • tnx, will deploy some of my unused KS-1 servers and test with them. The servers I have used now, is live servers..

    And tnx for the info about renewing.

  • Try using 'passive mode' to connect to ftp server.

    Thanked by 1myhken
Sign In or Register to comment.