I have installed vsftpd in Leap 15.2 and in Tumbleweed. It works fine in Leap but in Tumbleweed I get the following output when launching it:
piantino@Piantino-16:~> ftp Piantino-16
Connected to Piantino-16.
220 Message de bienvenue
Name (Piantino-16:piantino):
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||30066|)
150 Here comes the directory listing.
421 Service not available, remote server has closed connection.
ftp> bye
The settings are identical for both OS in Yast firewall, Yast FTP Server in vsftpd.conf.
What can I do to fix this problem?
Thank you in advance for your answers.
I’m going to guess that the problem is your firewall configuration because your initial logon works but fails trying to establish the secondary(data) connection.
If you still have your LEAP FTP setup, take a close look how you configured your FTP firewall rule, whether it supports a secondary connection using a range of high ports. If the rule doesn’t support that, then your FTP server and client negotiated an Active FTP session which uses only ports 21 and 20.
Unless there your FTP server supports a very heavy workload of simultaneous connections, there is probably no need to support PASV mode. Recommend modifying your ftp server configuration to support only Active and not PASV connections. Most FTP clients I’m familiar with support Active connections whether it’s default or not. If your FTP client doesn’t support Active FTP, it’s a simple fix to support PASV, but then again you’ll have to make sure your firewall is configured correctly.
Thank you for your interesting answer.
I forgot to mention that Tmbleweed runs on one PC and Leap on another.
Thus the settings of the firewall, the Yast FTP server and the vsftpd.conf file are identical.
On Tmbleweed, I tried to switch to Active mode by making the following change in vsftpd.conf:
piantino@Piantino-16:~> ftp Piantino-16
Connected to Piantino-16.
220 Message de bienvenue
Name (Piantino-16:piantino):
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||30083|)
150 Here comes the directory listing.
421 Service not available, remote server has closed connection.
ftp> bye
piantino@Piantino-16:~> ftp Piantino-16
Connected to Piantino-16.
220 Message de bienvenue
Name (Piantino-16:piantino):
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
550 Permission denied.
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
421 Service not available, remote server has closed connection.
ftp> bye
[/FONT]As i am very far from being an expert, could you tell me exactly what i need to check on the firewall.
piantino@Piantino-16:~> firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s25
sources:
services: dhcpv6-client samba ssh vsftpd
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Yes my FTP server is on a machine in my network.
The two commands above give the same results on the machine running Leap
and for which the ftp server is working correctly.