Tag Archives: ftp

[Solved] FTP Setup Error: Job for vsftpd.service failed because the control process exited with error code…

Error in setting up FTP: job for vsftpd service failed because the control process exited with error code. See “systemctl status vsftpd.service” and “journalctl -xe” for details.

Solution:

First check whether our port 21 is occupied:

[root@VM-12-16-centos lighthouse]# lsof -i:21
COMMAND     PID USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
pure-ftpd 16235 root    4u  IPv4 1014289      0t0  TCP *:ftp (LISTEN)
pure-ftpd 16235 root    5u  IPv6 1014290      0t0  TCP *:ftp (LISTEN)

We need to kill the process pure-ftpd with process number 16235:

[root@VM-12-16-centos lighthouse]# kill -9 16235 
[root@VM-12-16-centos lighthouse]# lsof -i:21

If there is no prompt, it means that kill is successful!

The next step is to solve the vsftpd configuration file:

[root@VM-12-16-centos lighthouse]# sudo vim /etc/vsftpd/vsftpd.conf

The content of vsftpd configuration file is, which can be copied directly. Just change the IP:

# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP?(Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
local_root=/var/ftp/test
allow_writeable_chroot=YES
pasv_enable=YES
pasv_address=xxx.xxx.xxx.xxx#Please change it to the public IP of your lightweight application server, you need to change it yourself
pasv_min_port=40000
pasv_max_port=45000

Finally, take a look at your vsftp on state:

[root@VM-12-16-centos lighthouse]# systemctl status vsftpd.service

FTP 500 Illegal PORT command. ftp: bind: Address already in use [How to Solve]

ftp 500 Illegal PORT command. ftp: bind: Address already in use

Solution:
1：quote pasv
2：passive
Run:

Done!

Xshell frequently disconnects, indicating socket error event: 32 error: 10053 connection failure

The SSH connection of xshell frequently prompts socket error event: 32 error: 10053

1. Cancel the check at the tunnel

2 modify/etc/SSH/sshd_ Configuration file under config

Change the value of clientaliveinterval to 60

Then restart the ssh server

At present, there is no frequent SSH disconnection problem, which should be effective

How to Solve Error: could not list the contents of folder

when I was using phpstorm, I encountered the error of could not list the contents of folder. Using external FTP tools, I could connect to the server normally, but not on phpstorm. After struggling for a long time, I found the following content on phpstorm’s official website

PhpStorm seems to connect to the server but can’t list files or perform upload

This may be because the deployment server requires a so-called passive FTP connection. To set this mode, select Project Settings | Deployment, open Advanced Settings for the server and toggle Passive mode.
Limiting the number of concurrent FTP connections may also help in this situation. To do this, select Project Settings | Deployment, open Advanced Settings for the server and toggle Limit concurrent connections mode setting the number of connections (usually 3-5 concurrent connections is OK for any server if you experience problems with a higher number of connections).

A link to visit is attached:
http://confluence.jetbrains.com/display/PhpStorm/Troubleshooting

The translation means:

Phpstorm appears to be connected to the server, but cannot list files or perform uploads

this may be because the deployment server requires a so-called passive FTP connection. To set this mode, select project settings | deployment, find and open advanced settings, and select passive mode.
limiting the number of concurrent FTP connections also helps. To do this, select project settings | deployment, set the number of connections for the server and switch the limited concurrent connection mode, and open advanced settings (usually 3-5 concurrent connections can be for any server if you have a higher number of connections).

In this way, try to use the above solution.
open the server configuration interface tools & gt; deployment & gt; configuration, and then on the interface, find the advanced settings button, open it, check the passive mode option, and then OK

Test again, you can upload normally.
It seems that if you have a problem, you should first check the official documents~

FileZilla 425 Can’t open data connection

Yesterday found that the company server being poisoned half a month, abnormal reminding email is not in their hand, alive when the chicken, half month is normal business running, if it weren’t for yesterday exploded with CPU can’t found dead, snapshot backup after reshipment system didn’t even find FTP death, active passive automatic all tried and can access to the directory but unable to traverse the file, is the problem of port:
First go to the server to open the firewall 80 (HTTP), 3306 (SQL), 443 (HTTPS), 21 (FTP) these open ports are open, at this time the website can normally access, but FTP still can not get the file as usual;
The server is ftPserV, but it has been changed to passive and port:

Then add these two ports to your firewall (note that both inbound and outbound rules are added) :

Filezilla for the client, change the mode to passive mode:

It turns out that it still doesn’t work. It turns out that the security group of Aliyun also needs to match these ports (both entering and leaving should be matched) :

At this point, FTP is perfectly linked.

Vsftpd: 500 oops: vsftpd: refusing to run with writable root inside chroot() error

This error is often encountered when using the user to log in to FTP after we have restricted the user from jumping out of his/her home directory:

500 OOPS: vsftpd: refusing to run with writable root inside chroot ()

This problem occurs in the latest update due to the following update:

- Add stronger checks for the configuration error of running with a writeable root directory inside a chroot(). This may bite people who carelessly turned on chroot_local_user but such is life.

Since 2.3.5, VSFTPD has enhanced security checks so that if a user is restricted to his or her home directory, the user’s home directory can no longer have write permissions! If the check finds that write permissions are still available, the error is reported.
To fix this error, remove write permissions from the user’s home directory with the command chmod A-w /home/user, and replace the directory with your own. Or you can add one of the following two items to the VSFTPD profile:
allow_writeable_chroot=YES

Solution to “550 create directory operation failed” in FTP operation file

in etc/vsftpd.conf, modify,

anonymous_enable=NO

local_enable=YES

write_enable=YES

chroot_local_user=NO

chroot_list_enable=NO

listen=YES

listen_port=21

local_root=/

FTP 550 Failed to change directory

when using FTP this error occurs

is usually some service for FTP that’s not turned on and this has something to do with the firewall

if you are able to link to FTP but can’t see the file upload and download there is no way to do

then the command

can be executed

getsebool -a | grep ftp

will find the following states are closed

setsebool -P allow_ftpd_full_access on

setsebool -P ftp_home_dir on

execute the command above and return the result to see both lines are off, meaning, no access

you’ll notice that the state is already on

it should be no problem, if still won’t do, and see if it is to use the FTP client tool with the passive mode access, such as tip if passive mode, the means is passive mode, the default is no good, because of the passive mode FTP was held up by the iptables, here can speak how to open, if don’t open, just to see if your FTP client has the option of a port mode, or remove the passive mode options.

turn off anonymous access

Conf file

vi /etc/vsftpd/vsftpd.conf

restart FTP service:

service vsftpd restart

Prompt 550 remove directory operation failed when FTP delete folder

recently used a remote FTP server and found that some folders can not be deleted no matter what. Look at the folder is empty, but you can’t delete it, nor can you rename it. After baidu was clear, the original is to hide the file made ghost. After opening the hidden files on the FTP client, you will find the hidden files in the directory. After deleting the hidden files, you can delete the folder.

FileZilla method for displaying hidden files:

1. After opening FileZilla, click [server (S)] → [forced display of hidden files (H)] → [ok].

2, disconnect and reconnect

Command line access to passive mode FTP server failed, 425 failed to establish connection

premise: an FTP server has been set up on ali cloud (CentOs8.1 system), and the FTP server has also been set to passive mode

open Windows command window, type FTP, use FTP related instructions to connect to the FTP server, found that the connection can be successful, but when using ‘ls’ or’ dir ‘command times the following error:

200 PORT command successful. Consider using PASV.

425 Failed to establish connection

you can see that there is a saying on the Internet that you can type quote PASV, but if you test it it doesn’t use

, right

see stackoverflow there is a post, said Windows command line FTP. Exe does not support passive mode access FTP, if you must use passive mode access, or use other passive mode FTP client, such as WinSCP FTP client

reference articles: https://stackoverflow.com/questions/19516263/200-port-command-successful-consider-using-pasv-425-failed-to-establish-connec 】【

About the problem I encountered: 226 transfer done but failed to open directory

encountered this problem in the following cases:

1, selinux is not disable.

setenforce 0 will not work either, mainly because selinux is still running and will protect network ports, whereas the ports of the FTP service are restricted by selinux.

Between the

the best solution is to the configuration file (/ etc/selinux/config), will be enforcing to disabled

2, user permissions, what user did you log in with, and then folder permissions allow this user to see the files in the folder

USES ls or dir to view folder permissions. If you do not have permissions to view this folder, you cannot view its contents.

, just like
,

FileZilla server failed to initialize SSL Library

http://www.cnblogs.com/airoot/p/4516690.html reproduced first address

for Google and share into Chinese man

first said that the conclusion version is too high reduced to 0.9.44!! FZS history version download
click on the open link

, I have been using filezilla before. Today, I had a strange problem: after installing filezilla server in 2008R2, I intended to generate a certificate for SSL encryption. However, the error “Failed to initialize SSL library”

kept coming

the strange thing is, in some OS running on no problem, and then the related cases, baidu search to only one article: https://forum.filezilla-project.org/viewtopic.php?t=14852

> install Microsoft Visual C++ 2008 Redistributable Package, then install it.

and we continue to play around: compare the OS that runs SSL, and find out which components are not installed in R2 — which doesn’t work either;

suddenly thought to search Google, the fact that baidu is really not external. And Google came up with a bunch of them:

http://undefeated3.rssing.com/browser.php?indx=3477818& item=11163

https://forum.filezilla-project.org/viewtopic.php?t=14503

http://trac.filezilla-project.org/ticket/940

concluded that the above solution is mainly related to the following SSL DLLS:

msvcr71.dll, msvcr90. DLL (virtualization support)

libeay32.dll, ssleay32.dll (SSL support)

copy it to the filezilla installation directory or system32 directory, there is a Microsoft KB2533623 patch, the result is conceivable or not –!

and then I saw this

in one of the comments

then it occurred to me that the problem might be related to the filezilla version, down to 0.9.44(my maximum is 9.44, not 9.46). Problem solving… What a speechless to Fzs, out of such a buggy

attachment: FZS history version download

click the open link

ProgrammerAH

Programmer Guide, Tips and Tutorial