Thursday, August 27, 2009

FTP Connection refused error – Solution to problem

If you get an error (ftp Connection refused) when using FTP client under Linux such as Connection refused, then you can fix this problem using following method.

Make sure ftp server installed

Make sure ftp server installed and service is running. Under Debian Linux you can use dpkg command to verify that ftp server installed:
$ dpkg -l | grep -i "ftp"Output: 

ii  ftpd                           0.17-21                       FTP server

OR run following command:

$ dpkg -l | grep -i ftp

Under Red Hat/Novell Suse/Fedora Linux try rpm command:

# rpm -qa | grep -i "*ftp*"

In any case if you have the ftp package installed it will return output. If the ftp package is not installed, it will notify you or it will not give you any output at all. Naturally next logical step is to install FTP server.

Under Red Hat/Fedora Linux install vsftpd server as follows:

# up2date vsftpd

OR if you are using Fedora Linux use yum:

# yum install vsftpd

If you are using Debian Linux use apt-get command:

# apt-get install vsftpd

Next configure vsftpd by modifying /etc/vsftpd.conf file.

Is ftp server running (is port 21 open)?

Login to ftp server using ssh and try to telnet port 21 (to see port is open or not):

$ telnet localhost 21

Next run netstat -tulpn command to see if port 21 is in open:

$ netstat -tulpn | grep :21

Output: 

tcp        0      0 0.0.0.0:21             0.0.0.0:*               LISTEN

OR try following command:
$ netstat -a | grep ftpOutput:

tcp        0      0 *:ftp                   *:*                     LISTEN

If port is not open, start ftp server /service. Under RedHat/Fedora Linux use service command:

# service vsftpd start

Under Debian Linux use following command:

# /etc/init.d/vsftpd start

FTP user permissions

Is particular user not allowed to use your vsftpd ftp server, then make sure user got permission to use your ftp server. File /etc/ftpusers - list of users disallowed use vsftpd server access. Make sure user name is not in this file.

Security or Firewall

Make sure iptables firewall/tcpd does not block access to your ftp server. Run following command on ftp server (login over ssh):
# iptables -L -nOutput: 

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:6881:6882
ACCEPT     udp  --  202.54.1.254         0.0.0.0/0           udp dpt:514
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:80 state NEW,RELATED,ESTABLISHED
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4
DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Above output does not allows port 21 (port 21 is blocked by firewall). You need to use iptables rules to open port 21. Make sure file /etc/hosts.deny (TCPD wrappers) does not block access to port 21 for your ftp host.

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)