listen=yesbackground=yes
listen=yesbackground=yes
syslog_enable=yesconnect_from_port_20=yesdirmessage_enable=yesls_recurse_enable=yeswrite_enable=yeslocal_enable=yes
secure_chroot_dir=/var/run/vsftpdnopriv_user=ftppasv_min_port=30000pasv_max_port=30100ssl_tlsv1=yesssl_sslv2=nossl_sslv3=norsa_cert_file=/etc/ssl/certs/vsftpd.pemno_anon_password=yesallow_anon_ssl=yesanon_mkdir_write_enable=yesanon_other_write_enable=yesanon_umask=0
anon_root=/mnt/sda3/Publicchroot_local_user=yesallow_writeable_chroot=yesanonymous_enable=yesanon_upload_enable=yesssl_enable=yesforce_local_logins_ssl=noforce_local_data_ssl=nouserlist_enable=no
Hello everybody,
On Tuesday, November 5, 2013 8:26:35 PM UTC, Gabriel Parďż˝-Olivier wrote:
> ssl_enable=yes
> force_local_logins_ssl=yes
> force_local_data_ssl=yes
> userlist_enable=yes
>
> # new stuff
> listen=yes
> background=yes
> allow_writeable_chroot=yes
> chroot_local_user=yes
> local_root=/mnt/md0/Users
I also faced to this situation (FileZilla with sFTP).
After several
hours of browsing it seems to be a bug (I expect so). I have found pages
with special csript, but to test them is beyond my linux knowledge.
> I've also tried other functions such as ftpd_banner and logging
> options without success (not displayed in this configuration file).
I have found it works sometimes. Once when I logged in, and later when I
came back to my home directory through the given (.message file
included) directory. Later I have fed up...
Bela
sftp has nothing to do with vsftpd. sftp uses ssh, and the vsftpd configuration file is ignored. This has already been discussed under another topic.
vsftpd only manages plain ftp and ftps connections.
If you want to see what protocol your client is using, you can do a 'ps' or 'top' on the box with an active connection; if you see that the 'sftp-server' process is serving the connection, then sftp is being used.ďż˝
when a client uses sftp, a ssh connection is made to dropbear (the sshd server in Alt-F), dropbear notices that it is a sftp connection and launches sftp-server (an openssh component) to handle the connection.
Yes, I know, it's confusing, but it is not Alt-F fault or design
...but it is not Alt-F fault or designMaybe my letter is mistakable, sorry about it! I have never thought Alt-F is faulty or bad design!
As sftp-server does not even knows what vsftpd.conf is, it is ignored.�sftp is not ftp.Clear!
Hi Joao,
I was continuously checking processes, and I was very surprised when a ssh login launched sftp. Thanks to your e-mail, it is now clear.sftp has nothing to do with vsftpd. sftp uses ssh, and the vsftpd configuration file is ignored. This has already been discussed under another topic.
vsftpd only manages plain ftp and ftps connections.
If you want to see what protocol your client is using, you can do a 'ps' or 'top' on the box with an active connection; if you see that the 'sftp-server' process is serving the connection, then sftp is being used.ďż˝
when a client uses sftp, a ssh connection is made to dropbear (the sshd server in Alt-F), dropbear notices that it is a sftp connection and launches sftp-server (an openssh component) to handle the connection.
Exactly, it is confusing.Yes, I know, it's confusing, but it is not Alt-F fault or design
ftps stream tcp nowait root /usr/sbin/vsftpd vsftpd -oimplicit_ssl=yes
# grep ftps /etc/servicesftps 990/tcp # ftp protocol, control, over TLS/SSLftps 990/udp # ftp protocol, control, over TLS/SSL
And to further complicate things, ftps, which is handled by vsftpd, can be either "implict" or "explicit", depending on how (which port) the initial connection is made.For RC4, inetd also handles implicit ftps, by having
ftps � �stream �tcp � � nowait �root � �/usr/sbin/vsftpd � � � �vsftpd -oimplicit_ssl=yes
in /etc/inetd.conf
This means that inetd is also listening on port 990:
# grep ftps /etc/services�ftps � �990/tcp � � � � # ftp protocol, control, over TLS/SSLftps � �990/udp � � � � # ftp protocol, control, over TLS/SSL
The advantage of ftps over sftp is that it can encrypt only the password, passing the data un-encrypted, being thus much faster than sftp.
Don't ask me what MS-win clients supports ftps.
Regarding the vsftpd package: