[ale] Starting ftpd-ssl in Ubuntu-8.04
Brian Pitts
brian at polibyte.com
Thu Sep 24 13:06:19 EDT 2009
On 09/24/2009 09:58 AM, John Mills wrote:
> ALErs -
>
> I believe I installed 'ftpd-ssl' in Ubuntu-8.04 with 'apt-get' but I am
> able to make neither a local nor an external FTP connection to my server.
>
> Two questions:
>
> 1. How do I confirm that I have the correct package installed and that its
> dependencies are met? One web source described 'ftpd-ssl' as a "virtual
> package" which seemed to imply it is an set of required packages, but I
> don't know how this affects its installation.
>
> 2. How to I enable and start the service? I looked at '/etc/inetd.conf'
> and it only lists services, not their startup parameters. Similarly I
> didn't find a specific '/etc/init.d' entry to [start|stop|restart] for
> 'inetd'. Rebooting the box didn't start the service. '/etc/inetd.conf' is
> one line:
>
> "ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd -z
> cert=/etc/ftpd-ssl/ftpd.pem -z key=/etc/ftpd-ssl/ftpd.pem"
>
> The setup is a fresh installation of the Ubuntu-8.04 'server' for i386,
> plus my shot at 'ftpd-ssl'.
>
After looking at
http://packages.ubuntu.com/jaunty/i386/ftpd-ssl/filelist
I see that you should have
/etc/ftpchroot
/etc/ftpd-ssl/openssl.cnf
/etc/ftpusers
/etc/pam.d/ftp
/usr/sbin/in.ftpd
/usr/share/doc/ftpd-ssl/NEWS.Debian.gz
/usr/share/doc/ftpd-ssl/README.Debian
/usr/share/doc/ftpd-ssl/README.gz
/usr/share/doc/ftpd-ssl/changelog.Debian.gz
/usr/share/doc/ftpd-ssl/changelog.gz
/usr/share/doc/ftpd-ssl/copyright
/usr/share/man/man5/ftpchroot.5.gz
/usr/share/man/man5/ftpusers.5.gz
/usr/share/man/man8/ftpd.8.gz
/usr/share/man/man8/in.ftpd.8.gz
It looks like an inetd should be listening on port 21. When it receives
a connection, it should start tcpd which will do some checks then start
in.ftpd. I would make sure than an inetd was running (`pgrep inetd`) and
that it's listening to the ftp port (`netstat -ltp`). If so, I'd check
syslog and see if tcpd is logging your connection attempts.
There shouldn't be a firewall set up by default in Ubuntu, but it
wouldn't hurt to check if one is enabled (`iptables -L`) and to check
the port from another box (`nmap yourbox -p 21`).
If you're making a connection but the issue turns out to be due to SSL,
users, or some other application-specific problem, reading the manpages
and READMEs is probably a good idea.
--
All the best,
Brian Pitts
More information about the Ale
mailing list