[SOLVED] vsftpd "Could not connect server"

    Problem: can't access FTP server via internet from home network.

    Setup:
    1. PC1 = Wired Kubuntu Desktop running vsftpd
    2. PC2 = Wireless WinXP Laptop using Filezilla 3.3.5.1

    Hardware:
    Using Netgear Gateway router RT-311

    I modified RT-311's configuration:
    a. Opened ports 20 and 21 to PC1's local IP address (192.168.X.X)
    b. Removed any FTP filters
    c. I registered with a dynamic DNS service to map my dynamically assigned IP address.


    First, vsftpd is running and I changed the configuration file to allow local users and disabled anonymous login. Second, I checked my iptables and there are no entries/rules. Third, I checked my /etc/hosts.allow and /etc/hosts.deny files. I modified my hosts.allow file to include an entry to allow access to my dynamic DNS service (mydomain.dynamic.org :allow).


    Situation 1. I can access FTP server using PC2 on intranet (home network; using local IP address 192.168.x.x username= asfd, password=xxxx note that port number 21 was not needed using Win Filezilla FTP client). vsftpd's FTP server works and is running. The banner appears as was created in the vsftpd's configuration file.

    Situation 2. When I attempt to access FTP server using internet, User login fails.

    Specifically I'm trying to access the same FTP server (vsftpd) using PC2 to PC1 while both are on the same home network, but this time PC2 uses the following URL mydomain.dynamic.org to connect to PC1. According to Filezilla's log, it is able to connect to FTP server b/c it states "connection established, waiting for welcome message". But then the banner I created in the configuration file doesn't appear. A different response is displayed from "Situation 1": "FTP version 1.0 ready at Fri Feb 4 18:41:43 2000". Then the USER and PASSWORD are sent, which is followed by message "user cannot log in".


    Also, I have not yet tried to access PC1 using PC2 from another location other than my home.


    Please advise.

    #2
    Re: vsftpd "Could not connect server"

    Since it works on the intranet and not the internet, there are only a few things to check.

    1. Be sure your port forwards are working.
    2. Be sure your DNS stuff is working (as in, try with just your IP once).
    3. Be sure your ISP is not blocking port 21 (perhaps try another port for the server). I know this sounds odd, but many ISPs block common server ports 80 and 21 so they can force you to a business account if you want to use an HTTP or FTP server.

    good luck!
    Mark Your Solved Issues [SOLVED]
    (top of thread: thread tools)

    Comment


      #3
      Re: vsftpd "Could not connect server"

      you raise an interesting point that my ISP is blocking access to port 21.

      How do I determine this?

      How can I check if my port forwarding is working properly?

      BTW, I'm trying to get an FTP server up and running b/c I have not been able to get VNC working. Again, authentication issues prevent me from getting VNC to work.

      Comment


        #4
        Re: vsftpd "Could not connect server"

        I would temporarily allow all connections to see if you can connect. Telnet or traceroute might be able to tell you something. I remember my setup of vsftpd was kind of bitchy and sometimes had to connect twice before it would go. You should be able to google your isp and ftp to see if others are experiencing blockages of ftp. router log?
        FKA: tanderson

        Comment


          #5
          Re: vsftpd "Could not connect server"

          I'm still trying to get this to work...

          1. Used "Shields Up" Online Port scanner (www.grc.com)
          this revealed that ports 21, 23, 80 are being blocked. The source of the blockage is currently unknown. I haven't figured out how to determine where the blockage is.

          2. Based on the fact that port 21 has a blockage, I opened port 26 ( I changed my router's configuration to allow access to port 26 to PC1) and I edited the file /etc/vsftpd.conf by adding an entry...
          listen_port=26
          (note: still using port 20 as data connection port since communication originates from PC1. Newbies, FTP protocol uses 2 ports typically ports 21,20. Essentially, port 21 is inbound and port 20 is outbound. I'm using 26,20)

          3. Ran another port scan using "Shields Up" and port 26 is confirmed open.

          4. Again, I confirmed local access to vsftpd (FTP server) by using another home computer (PC2) to connect to PC1. This worked perfectly. I was able to use an authenticated login to vsftpd (FTP server) on PC1 using a valid kubuntu username and password.

          One noteworthy change is that I changed PC2 to a wired connection so that I could eliminate another router/device from this test.

          Explanation for Newbies: Did you look carefully? I noted that PC1 was wired and PC2 was originally connected wirelessly. What I didn't mention was that PC2 was connected wirelessly through a second router which has been reconfigured to use the subnet (192.168.10.x). By changing the second router's configuration to use the same subnet, this allows all of my home computers to see each other, whether they are connected wirelessly or wired.

          So to be more precise, here's my network hardware ...
          1. cable modem (allows connection to ISP: comcast, TimeWarner, cablevision, etc.)
          2. Netgear RT-311 gateway router ( this model has only one ethernet connection, so I needed a switch to connect 8 wired connections)
          3. Linksys 8 port Etherfast 10/100 Workgroup Switch (Model: EZXS88W)
          4. Belkin 5 port Wireless Router ( reconfigured to use same subnet as Netgear's RT-311).
          [Newbie NOTE: The Belkin router is connected via wire to the Linksys Switch. This uses one of the 8 connections. And if I didn't change the Belkin's subnet, then I would have two groups of computers that couldn't see each other. Those 7 computers connected to the switch plus the other group of computers connected to the Belkin router, which would include all wireless connected computers plus 5 more wired computers. However, since I changed the Belkin's subnet to match the Netgear's subnet, I can now have 13 wired computers and all wireless computers on the same subnet.]

          And so by changing PC2 from a wireless to wired connection, I have now eliminated the Belkin Router from the test. However, doing this didn't solve my problem and I still can't access my FTP server.

          So the next step for me was to try and confirm that I can reach out to the internet and loop back into my home network. I still can't confirm this yet.

          [Newbie note: This is why I registered with dyndns.com to use their free dynamic DNS service. I thought that I could reach out to the web using the URL (http://myhouse.dyndns-home.org) which points to my internet's IP address 4.74.x.x (not my local IP address 192.168.x.x). ]

          The next step was for me to edit the /etc/hosts.allow file using root access (command: sudo su).
          I added two entries....
          1. ALL: myhouse.dyndns-home.org :allow
          2. ALL: 4.74.x.x :allow


          And now, I'm stuck. I don't know how to diagnose the blockage.


          Using Windows Filezilla on PC2 to access vsftpd on PC1, I get the following error message.
          "Connection attempt failed with "ECONNREFUSED" - Connection refused by server"
          "Could not connect to server"

          I get the same error message using either the URL (http://myhouse.dyndns-home.org) or internet IP address (4.74.x.x:26) as the host in Windows Filezilla. I even tried changing Filezilla advanced settings. This didn't work either.

          I guess the next question to ask is how can I confirm/verify that I can loop out of my home network to the internet and come back in to my home network? Again, vsftpd works locally just fine. So how do I test "incoming internet access from outside of my home network" from within my home network?

          Comment


            #6
            Re: vsftpd "Could not connect server"

            Check usr/pass, as well as ping your DNS and be sure it returns the right IP address for your WAN IP.
            Also, naturally, be sure your client is trying to connect to the proper port. Same general advice as before: double-check your port forwarding and be sure it's the right port to the correct IP address.
            Mark Your Solved Issues [SOLVED]
            (top of thread: thread tools)

            Comment


              #7
              Re: vsftpd "Could not connect server"

              In response to previous post. Specific details such as IP addresses, username, password, etc. are not the issue b/c I can use vsftpd locally. As for the dynamic DNS service, the translation is working b/c the ftp log from Filezilla shows the correct translation (as shown below).

              Here's more info...

              1. Well, I finally figured out that I can not loopback from my home network to outside the network to back in. And my Netgear router RT-311 doesn't have a NAT Loopback function.
              [newbie note: When attempting to test a server on a private network using a public address, make sure you set up your router so that you can use the NAT loopback function, which allows you to use one of your home computers to access another home computer which is running either an FTP or HTTP server via a public address outside of your home network.]

              2. I was able to login from the outside (from a different location) but still haven't been able to make a file transfer. Here's the log of the session... (note: I've edited the IP addresses with x's to protect my network)

              Status: Connecting to 4.74.x.x:26...
              Status: Connection established, waiting for welcome message...
              Response: 220 Welcome to MyHome's FTP service.
              Command: USER me
              Response: 331 Please specify the password.
              Command: PASS *******
              Response: 230 Login successful.
              Command: SYST
              Response: 215 UNIX Type: L8
              Command: FEAT
              Response: 211-Features:
              Response: EPRT
              Response: EPSV
              Response: MDTM
              Response: PASV
              Response: REST STREAM
              Response: SIZE
              Response: TVFS
              Response: UTF8
              Response: 211 End
              Command: OPTS UTF8 ON
              Response: 200 Always in UTF8 mode.
              Status: Connected
              Status: Retrieving directory listing...
              Command: PWD
              Response: 257 "/home/me"
              Command: TYPE I
              Response: 200 Switching to Binary mode.
              Command: PASV
              Response: 227 Entering Passive Mode (192,168,x,x,22,127).
              Status: Server sent passive reply with unroutable address. Using server address instead.
              Command: LIST
              Error: Connection timed out
              Error: Failed to retrieve directory listing


              I'm getting closer to a working FTP server, but still no service yet.

              Comment


                #8
                Re: vsftpd "Could not connect server"

                I was able to get past the unroutable error message by editing the /etc/vsftpd.conf file

                command: sudo pico /etc/vsftpd.conf

                added entry...
                pasv_address=4.74.x.x (use your WAN IP address / external IP address)

                command: ^X (exit)
                command: Y (yes to save)

                Editing the file got me past the "unroutable" error message but FileZilla still displayed the following error...
                Error: Connection timed out
                Error: Failed to retrieve directory listing

                So I still can't transfer a file yet.


                However, note that parameter entry into vsftpd.conf "hard codes" the external IP address and will fail when your ISP changes your ip address. Remember most internet users access the internet using dynamic ip addresses issued by the ISP (comcast, timewarner, cablevision, etc.) and this parameter setting assumes a static IP address.

                So this isn't the proper fix for me, since I have a dynamically assigned IP address from my ISP. But it serves the purpose of identifying the problem and providing a work-around until someone else can describe the proper parameter for dynamically assigned IP addresses, or when someone can explain what other dependencies vsftpd relies on when using dynamically assigned IP addresses.

                For example, DHCP comes to mind, but I don't know how to configure it or how to confirm what it should be doing. Again, I don't know if DHCP has any effect in this situation, but its function is related to IP addresses. So I'm guessing it may be related.

                Comment


                  #9
                  Re: vsftpd "Could not connect server"

                  Eureka! Finally got vsftpd to work.

                  I can see the directory listing in FileZilla and I can transfer a file both directions, delete files, etc. I've got full FTP functionality.

                  Once again, I edited the /etc/vsftpd.conf file

                  command: sudo pico /etc/vsftpd.conf

                  added entries...
                  pasv_max_port=7004
                  pasv_min_port=7000

                  typed: CTRL+X (to exit)
                  typed: y (yes to save)

                  command: sudo service vsftpd restart


                  Then I added these same ports to Netgear's port forwarding map. So here's the list of the ports that I'm forwarding on my Netgear RT-311

                  port IP address
                  20 192.168.x.x
                  26 192.168.x.x
                  7000 192.168.x.x
                  7001 192.168.x.x
                  7002 192.168.x.x
                  7003 192.168.x.x
                  7004 192.168.x.x

                  Fortunately this works. But again, the problem is that my IP address is dynamically assigned by my ISP and can be changed at any time. This is obviously a problem when I'm away from my home and the IP address changes b/c I have no way of editing the /etc/vsftpd.conf file to change the parameter setting from the current IP address (pasv_address=4.74.x.x) to the new IP address.

                  Now, I have two more details to learn with regards to vsftpd.
                  1. How to automatically start the FTP server upon boot-up?
                  2. How to configure /etc/vsftpd.conf to properly handle a dynamically assigned IP address?

                  Comment
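The passive-mode replies in posts #7 to #9, decoded as an added example (not code from the thread): it parses a `227` reply, computes the data port from the last two fields, and checks the result against the router's forwarded ports listed in post #9. The reply strings are constructed; `192.168.1.10` and `203.0.113.10` are placeholder addresses standing in for the masked `192.168.x.x` and `4.74.x.x`, while the `22,127` port bytes are the ones shown in the FileZilla log.

```python
import ipaddress
import re

# RFC 1918 private ranges: a client on the internet cannot route to these.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# A 227 reply carries six decimal bytes: h1,h2,h3,h4 (address), p1,p2 (port).
PASV_RE = re.compile(
    r"^227\b.*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Ports forwarded on the router in post #9 (20, 26 and 7000-7004).
FORWARDED = {20, 26} | set(range(7000, 7005))

# Constructed replies for the three states the thread goes through.
POST7 = "227 Entering Passive Mode (192,168,1,10,22,127)."   # LAN address, free port
POST8 = "227 Entering Passive Mode (203,0,113,10,22,127)."   # pasv_address set only
POST9 = "227 Entering Passive Mode (203,0,113,10,27,90)."    # pasv_min/max_port set too


def parse_pasv(reply):
    """Return (IPv4Address, port) advertised by a 227 reply line."""
    m = PASV_RE.match(reply.strip())
    if m is None:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    fields = [int(g) for g in m.groups()]
    if max(fields) > 255:
        raise ValueError("field out of byte range in %r" % reply)
    host = ipaddress.IPv4Address(".".join(str(b) for b in fields[:4]))
    port = fields[4] * 256 + fields[5]   # p1 is the high byte, p2 the low byte
    return host, port


def diagnose(reply, forwarded_ports):
    """List the reasons a data connection from outside the LAN would fail."""
    host, port = parse_pasv(reply)
    problems = []
    if any(host in net for net in RFC1918):
        problems.append("advertised address %s is private" % host)
    if port not in forwarded_ports:
        problems.append("data port %d is not forwarded by the router" % port)
    return problems


if __name__ == "__main__":
    for name, reply in (("post #7", POST7), ("post #8", POST8), ("post #9", POST9)):
        host, port = parse_pasv(reply)
        print(name, host, port, diagnose(reply, FORWARDED) or "ok")
```

The port in the logged reply works out to 22 × 256 + 127 = 5759, which is outside the forwarded set, so the `LIST` timeout persists after the address is corrected and clears only once the passive range is pinned and forwarded.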


                    #10
                    Re: vsftpd "Could not connect server"

                    Found answer to one of my questions...

                    2. How to configure /etc/vsftpd.conf to properly handle a dynamically assigned IP address?

                    Once again, I edited the /etc/vsftpd.conf file

                    command: sudo pico /etc/vsftpd.conf

                    added entry...
                    pasv_addr_resolv=YES

                    removed entry...
                    # pasv_address=4.74.x.x (note: inserted asterisk to remove entry, which converts the parameter into a comment)

                    typed: CTRL+X (to exit)
                    typed: y (yes to save)

                    command: sudo service vsftpd restart

                    Now, vsftpd uses my dynamic DNS service (myhouse.dyndns-home.org) as the pasv_address. So now when my ISP changes my IP address, my DNS domain name refers to the newly issued IP address. Now, when I leave the house and my ISP changes the IP address while I'm away, the FTP server will still be operational.

                    In addition, I also deleted entries in /etc/hosts.allow that I thought were necessary.
                    I removed two entries ...
                    (newbie note: the leading asterisk converts the entry into a comment, which forces the line to be ignored.)

                    sudo pico /etc/hosts.allow

                    # ALL: myhouse.dyndns-home.org :allow
                    # ALL: 4.74.x.x :allow

                    typed: control+x (exit)
                    typed: y (yes to save)

                    [Newbie note: changes made to the file /etc/hosts.allow are effective immediately. You do not need to restart nor reboot.]

                    I was able to connect to the FTP server without these entries in the hosts.allow file.

                    Comment
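A consistency check for the `vsftpd.conf` entries discussed in posts #5 to #10, as an added example (not code from the thread or from the vsftpd project). It flags whitespace around `=` (which vsftpd.conf(5) treats as an error), passive ports that the router does not forward, `pasv_addr_resolv` without a `pasv_address` hostname (the man page documents the option as allowing a hostname in `pasv_address`), and password logins without `ssl_enable`; both sample configurations and the `lint` helper are constructed for illustration.

```python
import ipaddress

# Ports forwarded on the router in post #9 (20, 26 and 7000-7004).
FORWARDED = {20, 26} | set(range(7000, 7005))

# Constructed sample: entries as they appear across the thread.
POSTED = """\
anonymous_enable=NO
local_enable=YES
listen_port =26
pasv_min_port=7000
pasv_max_port=7004
pasv_addr_resolv=YES
"""

# Constructed sample: same setup with the findings addressed.
# (Certificate options needed by ssl_enable are not checked here.)
FIXED = """\
anonymous_enable=NO
local_enable=YES
listen_port=26
pasv_min_port=7000
pasv_max_port=7004
pasv_address=myhouse.dyndns-home.org
pasv_addr_resolv=YES
ssl_enable=YES
"""


def parse_conf(text):
    """Return (settings, issues) for option=value lines; '#' starts a comment."""
    settings, issues = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            issues.append("line %d: not in option=value form" % n)
            continue
        if key != key.strip() or value != value.strip():
            issues.append("line %d: whitespace around '=' in %r" % (n, line))
        settings[key.strip()] = value.strip()
    return settings, issues


def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def lint(text, forwarded_ports):
    """Return a list of findings for a vsftpd.conf behind a NAT router."""
    s, issues = parse_conf(text)

    def yes(option, default="NO"):
        return s.get(option, default).upper() == "YES"

    # The control port must be reachable through the router.
    listen_port = int(s.get("listen_port", "21"))
    if listen_port not in forwarded_ports:
        issues.append("listen_port %d is not forwarded" % listen_port)

    # Unset (0) means vsftpd may pick any port for passive data connections.
    lo, hi = int(s.get("pasv_min_port", "0")), int(s.get("pasv_max_port", "0"))
    if lo == 0 or hi == 0:
        issues.append("passive port range is not pinned")
    elif lo > hi:
        issues.append("pasv_min_port is greater than pasv_max_port")
    else:
        missing = [p for p in range(lo, hi + 1) if p not in forwarded_ports]
        if missing:
            issues.append("passive ports not forwarded: %s" % missing)

    addr = s.get("pasv_address")
    if yes("pasv_addr_resolv") and addr is None:
        issues.append("pasv_addr_resolv=YES but no pasv_address hostname is set")
    if addr is not None and not is_ip(addr) and not yes("pasv_addr_resolv"):
        issues.append("pasv_address is a hostname but pasv_addr_resolv is not YES")

    # vsftpd's built-in default for anonymous_enable is YES.
    if yes("anonymous_enable", default="YES"):
        issues.append("anonymous login is enabled")
    if yes("local_enable") and not yes("ssl_enable"):
        issues.append("local logins without ssl_enable send passwords in clear text")
    return issues


if __name__ == "__main__":
    for name, conf in (("posted", POSTED), ("fixed", FIXED)):
        print(name, lint(conf, FORWARDED) or "ok")
```

vsftpd.conf(5) states that a `pasv_address` hostname is resolved at startup, so the advertised address is refreshed when the service restarts.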


                      #11
                      Re: vsftpd "Could not connect server"

                      I decided to summarize what I learned from all of this after I figured out how to get this working. It turns out this was way more complicated than I thought it would be.

                      Commentary:

                      A. Here is a useful reference to help understand what parameters/settings you will need. If you read this webpage, you'll be taking a crash course in FTP mechanics: http://wiki.filezilla-project.org/Network_Configuration
                      I found it helpful in that it taught me how to "drill through" the resulting error messages that appeared.

                      B. Another useful reference is "man vsftpd.conf" which lists and explains the options.

                      C. I estimate that it took me about 20 hours over 3 weeks to solve this problem of getting an FTP server up and running. I'm sure there's an easier way, but as you can see, I didn't find it. Documentation for kubuntu 10.04 hopefully will be updated to make installing and setting up a FTP server much easier to find and to implement. Perhaps others will be inclined to share the easier way to setup a FTP server.



                      ===================================================
                      Summary of instructions for vsftpd - setting up an FTP server using authentication:
                      ===================================================

                      First, notice that most of the instructions deal with pre-requisites before you actually install the vsftpd package.

                      Second, I'm describing how to setup a FTP server which restricts users to only those that are current kubuntu users on home computer (such as bob, bill, nancy, donna). These users are the ones that can login into my kubuntu home computer. So when they use the FTP server their username and login password are the same as that used to login into the home computer. This is what I mean about setting up an FTP server using authentication. Users must have a password and only currently active users of the computer can access the FTP server. No guests allowed.

                      There are many ways to setup your FTP server. Most choose to use anonymous FTP which allows anyone to access your home computer. I didn't want this. Also you could create a list of users and refer to that list. Again, I didn't want to make this more complicated than it already is because it would involve creating a password file also. By restricting access to existing users with passwords, I didn't have to create any additional files or change any security settings. All I had to do is enable one parameter/setting: local_enable=YES. This one parameter then used the usernames and passwords already validated on the kubuntu computer. All a user has to do is start their FTP client software and enter 4 settings: 1. the host_name which is either the ISP assigned IP address or a domain_name that points to the home network. 2. their username 3. their password, and finally, 4. the port number. With this information, the FTP client will be able to access the home FTP server.

                      Again. I didn't apply any other security measures yet such as SSL/TLS. I'm just trying to get the FTP server up and running. Plus there are many other parameters that will make the FTP server more secure. I'm just posting what was necessary to get this FTP server up and running with the fewest parameter changes possible.

                      Lastly, if you read this thread you might remember that I changed another file /etc/hosts.allow. However, this was not necessary. After I got the FTP server up and running, I removed these modifications I had made in the earlier posts and the FTP server still worked, which confirmed their uselessness. I also experimented with many other parameters not posted here. But for the sake of brevity, I didn't comment about my voyage into the many options of vsftpd.conf. Listed below are the fewest entries required to accomplish the task of getting vsftpd up and running using authentication and passive mode.


                      ====================================
                      Getting Started = the pre-requisites
                      ====================================

                      1. Get your router's model number, firmware version, etc. So that you can learn how to enable port forwarding and utilize NAT loopback function (if it has the NAT loopback function, you're in luck. Your life just got easier with regards to testing your new FTP server. My router does not have this function, which means I needed a friend/neighbor/relative who can log into my network from their location. Or I made an attempt to login myself using my own laptop at a public wifi hotspot; such as library, coffee shop. Bring your own laptop to the public location b/c most public computers don't have FTP client software installed and do not allow you to download files to their computer. Your laptop should already have a FTP client software package installed; such as FileZilla, or gFTP)

                      Basically, you are going to test two separate states. 1. access to your FTP server from within the intranet (home network) 2. access to your FTP server from outside of the home network. In second case, you're going to use one home computer (FTP client) to talk to another home computer (FTP server) via a public address, which means you're starting the communication from within your internal network using the FTP client on PC1 (192.168.x.11) and going outside of the home network to the internet (4.74.x.x) and returning to come back into the home network to talk to the FTP server on PC2 (192.168.x.12). My router can't do this b/c it doesn't have NAT loopback functionality, but newer routers do. Read your router's manuals. If you have this NAT loopback function then implement it so that you can test the second state easily.

                      More precisely, the situation described above is how most of us will attempt to test our newly installed FTP server. We will try to access our newly installed FTP server from the same home network it resides on. But for many of us, me included, this is not possible and will cause you hours of frustration. You are now duly warned.

                      The failsafe method to test your newly installed FTP server is to test it locally first. Test it within the home network before you attempt to test it for outside access. This will be explained later in the instructions.


                      2. determine if you have been issued a static IP address or a dynamic IP address from your Internet Service Provider (ISP = comcast, timewarner, cablevision, etc.) The setup is different for each type of address. Fortunately, this is rather easy to deal with once you know which type of IP address has been assigned to you.

                      If you have a dynamically assigned IP address like I do, then it is highly recommended that you utilize a dynamic DNS service to establish a static domain name for your connection to your home network. The reason for using such a service is b/c it will ensure that you can access your FTP server when your ISP changes your IP address while you are away on a trip. Otherwise, when your ISP changes your IP address and you're away, you won't be able to connect to your home's FTP server b/c you were assigned a new address and you don't know what it is. The dynamic DNS service links your home's dynamically assigned IP address to a static domain name such as myhouse.dyndns-home.org. Now all you have to do is use this domain name as the hostname in your FTP client's software rather than the IP address. And if your ISP changes your IP address the dynamic DNS service detects the change and reassigns the domain name to the new IP address automatically.

                      The only piece of the puzzle still missing is that you need to setup your router to utilize this dynamic DNS service. Read your router's manual to enable this feature.

                      BTW, if you setup a static domain name for your dynamically assigned IP address using a free dynamic DNS service such as provided by dyndns.com, you'll need to know the external IP address or WAN IP address issued by your ISP. It should not begin with 10.x.x.x or 192.168.x.x. These are private IP address ranges used for home networks.

                      Determining the external/WAN ip address can be accomplished several different ways.
                      1. You can use a webbrowser to find your WAN IP address by going to the following webpage: http://whatismyipaddress.com/
                      2. Or you can enter your router's setup/configuration page to lookup the external/WAN IP address that your ISP has given to your account. Read your router's manual.

                      Note that this could be either the static IP address or the dynamically assigned IP address that your ISP gives your modem/router. Again, the IP address should not begin with 10.x.x.x or 192.168.x.x. These are private IP address ranges.


                      3. If you elected to use a dynamic DNS server, you will need to change your router's settings so that you can utilize the dynamic DNS service. Read your router's manual for details.

                      4. Determine the status of your home computer's communication ports. Determine which ports are open. I used "Shields Up" from www.grc.com. Use the webbrowser on the home computer that will become the FTP server to perform the port scan. www.grc.com will scan your computer and show you which ports are open, closed, and in stealth mode. Basically, this starts the process of figuring out how to get communications going from inside of your private home network to the outside world which is the public internet. FTP generally uses ports 20 and 21 and some others. But you will probably find that port 21 is either closed or in stealth mode which means something between your computer and the internet is blocking the port.

                      At this point, the process of determining what to do becomes complicated. It's complicated b/c of the various ways everyone sets up their home network, which means the combination of hardware between your computer and the internet makes things difficult to standardize. Secondly, another messy detail is when firewalls are involved. Firewalls are simply filters that limit the data flowing into and out-of your computer. Firewalls are generally considered a software solution but routers provide a hardware solution to filter traffic.

                      As for hardware configurations, this will become particularly brutal when you have more than one router connected to each other. For instance, some of you may have a modem connected to a gateway router which only has one port. So you have the gateway router connected to an 8 port switch. Then you wanted wireless capabilities and then you used one of the 8 ports on the switch to connect a wireless router. Now you have internet traffic passing through two routers for some of your home computers and others only have traffic pass through one router. You see, this can get very complicated.

                      Now add in another variable such as subnets. Some of you may have edited the configuration of the second router so that it uses the same subnet as the first router. Others of you didn't make this change and actually have two different subnets, which means some computers can't communicate with others on the network because they don't share the same range of IP addresses. As you can see, you will need to iron out these problems before attempting to install your FTP server if you want all of your computers to have access to the FTP server.

                      However, if you only want your FTP server to be accessible from outside of the home network and you don't care if all of the computers on your home network have access, then you'll still need to know how many routers and other devices (repeaters/extenders, etc.) are on the path between the computer hosting the FTP server and the internet. You'll still need to open a few communication ports along this path and that implies modifying several devices' configuration files which seriously complicates this process. It would be best to select a computer that is connected to the fewest number of devices so that you only have to reconfigure 1 router. But you get the point. All of the devices along the path to the computer that you choose to use as the host for your FTP server must be reset to open a few communication ports so that the traffic from outside of the home network can get to the computer running the FTP server.

                      5. Determine if you have an active firewall. This applies to both the FTP client computer and the FTP server computer. In my case, my client was a winXP machine and the server was on the kubuntu 10.04.

                      On windows XP machines, check control panel for "Security Center" or "Windows Firewall". For this test disable it. You can enable it after you have made a successful connection. Then you know where to look if the connection fails.

                      On kubuntu machine, check for iptables. here is the command:
                      in terminal mode type: sudo iptables -L <E>

                      This is output you'll see if you do NOT have an active firewall (notice the different categories are empty):
                      Chain INPUT (policy ACCEPT)
                      target prot opt source destination

                      Chain FORWARD (policy ACCEPT)
                      target prot opt source destination

                      Chain OUTPUT (policy ACCEPT)
                      target prot opt source destination


                      However, if you do have an active firewall, there will be many rules listed under each section. Disable them for testing purposes.


                      6. Check your router's firewall. Is it enabled/disabled? See if it is blocking FTP traffic. If enabled, disable it to setup the FTP server. Read your router's manual.


                      7. Now run another port scan again and determine if port 21 is open, blocked or still in stealth.
                      If, after disabling both the software firewall and the hardware firewall, port 21 is still closed or in stealth, the next step is to open the port to the outside.

                      8. Setup port forwarding. Reconfigure/setup your router to allow traffic from port 21 to reach a specific computer on your home network. Now you'll need to know the local IP address of the computer that will be hosting the FTP server. Here's the command to determine this:
                      in terminal mode type: ifconfig <E>
                      you should see something like this (except for the x's which I've inserted to hide specific details)

                      eth0 Link encap:Ethernet HWaddr x
                      inet addr:192.168.27.31 Bcast:192.168.27.255 Mask:255.255.255.0
                      inet6 addr: x Scope:Link
                      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                      RX packets:181054 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:144205 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000
                      RX bytes:202014377 (202.0 MB) TX bytes:14608579 (14.6 MB)
                      Interrupt:27 Base address:0xe000

                      Note the inet addr:192.168.27.31 this is the local IP address on your home network. This is what is needed to enable port forwarding.

                      Now open port 21 on local machine 192.168.27.31 using the port forwarding function on your router. Read router manual.


                      9. Now run the port scan again and determine if port 21 is open, blocked or still in stealth.
                      If, after disabling both the software firewall and the hardware firewall, and opening port 21 using port forwarding, the port is still closed or in stealth, then something is still blocking communication on port 21 and you can't use port 21. This means either there is another piece of hardware on your network that is blocking traffic or your ISP is blocking this port. In my case, I was able to determine that Comcast is blocking ports 21, 23, and 80 so that residential customers can't use their home account to run a website. They want you to have a business account to run a website from the house.

                      10. If you have determined that port 21 is blocked, this is not a serious problem. Your FTP server will simply need to use a different port, like port 26. Now setup your router to ...
                      1. disable port forwarding for port 21
                      2. enable port forwarding for port 26 (or any other port you choose. Again, if you determine that port 26 is blocked, select another port and test it until you find a port that is open using the port scan.)

                      11. While you are reconfiguring your router, you might as well add some other ports that need to be open for your FTP server to use passive mode. I chose at random ports 7000-7004. And setup my router to open these ports like I did for port 26.
                      enable ports 7000 through 7004 (I opened 5 more ports)


                      Now here's a summary of the changes made to your router.

                      1. if you have NAT loopback functionality, enable it.
                      2. if you have implemented a dynamic DNS service b/c you have a dynamically assigned IP address:
                      you made changes to utilize your new domain name: myhouse.dyndns-home.org
                      3. disabled firewall - you might be able to specifically limit these changes to disabling only FTP filters.
                      4. enabled port forwarding for 6 ports: 26,7000,7001,7002,7003,7004


                      ===============================
                      Now ready to install vsftpd (FTP server) package
                      ===============================

                      12. install vsftpd package
                      in terminal mode type: sudo apt-get install vsftpd <E>

                      13. make a copy of the original configuration file for vsftpd before you make any changes.
                      in terminal mode type: sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.orig <E>

                      15. edit the configuration file for vsftpd.
                      Here's an important note regarding editing this file. If an Asterisk appears anywhere on the line that line is ignored by vsftpd. This is inconsistent with all other configuration files which do allow comments to follow active settings.
                      For example, this line would be ignored ...
                      listen_port=26 # activates port 26
                      but this is OK ...
                      # activates port 26
                      listen_port=26

                      This command allows you to change the configuration file.
                      enter terminal mode and type: sudo pico /etc/vsftpd.conf <E>

                      Here's a list of the parameters/settings I used:
                      listen=YES
                      anonymous_enable=NO
                      local_enable=YES
                      write_enable=YES
                      dirmessage_enable=YES
                      use_localtime=YES
                      xferlog_enable=YES
                      idle_session_timeout=600
                      data_connection_timeout=120
                      ftpd_banner=Welcome to My House FTP service.
                      secure_chroot_dir=/var/run/vsftpd/empty
                      pam_service_name=vsftpd
                      rsa_cert_file=/etc/ssl/private/vsftpd.pem

                      Manually Inserted/Added the following parameters (anywhere in file):
                      # set the inbound traffic port
                      listen_port=26
                      # set passive mode port start and end range (only requires 2 ports next to each other)
                      pasv_max_port=7004
                      pasv_min_port=7000

                      # The following parameter is useful for those of you using dynamically assigned IP addresses.
                      # This uses the IP address assigned to your internet account by your ISP to access your router, as the outbound address.
                      # Use this setting after you setup your dynamic DNS service and get your static domain name.
                      # then use your static domain name as the host in your FTP client.
                      pasv_addr_resolve=YES

                      # This is useful for those of you using static IP addresses or if you didn't get a free domain name from dyndns.com
                      # note pasv_address and pasv_addr_resolve are mutually exclusive settings. Use one or the other.
                      #enter your static IP address or use the current dynamically assigned IP address.
                      #You should know this already. refer to above. instruction number 2.
                      #pasv_address=x.x.x.x


                      type: ^ x (exit)
                      type: y (yes to save)

                      you should be back to terminal mode and see the prompt.

                      NOTE: Remember if you made a mistake you have a copy of the original file, just delete this copy and start over.
                      here are the commands to do that...
                      sudo rm /etc/vsftpd.conf
                      sudo cp /etc/vsftpd.conf.orig /etc/vsftpd.conf

                      16. Now start vsftpd service. Here's the command:
                      using terminal mode type: sudo service vsftpd stop <E>
                      using terminal mode type: sudo service vsftpd start <E>

                      [note: whenever you make changes to the file /etc/vsftpd.conf, these changes will not take effect until you restart the service.
                      using terminal mode type: sudo service vsftpd restart <E>]

                      Also note, by using the commands above, this will automatically keep your FTP service running even after rebooting. You do not need to change any other files to start your FTP server when you turn off and turn on your kubuntu computer. Your FTP server will start up automatically and stay running until you use the command to stop it. See above.

                      17. Verify/test that the FTP server is listening on port 26
                      using terminal mode type: sudo netstat -l <E> (note lowercase "L" is option for listing listening ports)
                      tcp 0 0 *:nfs *:* LISTEN
                      tcp 0 0 *:54538 *:* LISTEN
                      tcp 0 0 *:43629 *:* LISTEN
                      tcp 0 0 *:26 *:* LISTEN

                      Note entry containing 0 *:26 shows that port 26 is active. This verifies that FTP server is running.
                      You could also use this alternate command: sudo netstat -lnut <E> (Again all lowercase "LNUT")

                      +++++++++++++++++++++++++++++++
                      Setup FTP client Software - testing local access
                      +++++++++++++++++++++++++++++++
                      Now all you have to do is enter a few settings into your FTP client software to access your FTP server.
                      1. enter FTP server's local IP address as the hostname (this was determined previously, instruction number 8 )
                      2. enter your kubuntu's username
                      3. enter your kubuntu's password
                      4. enter the port number 26
                      5. Now you are ready to connect to your newly installed home FTP server from within the home network.
                      You should see the right side of the FTP client populate with folders and filenames.
                      If this test was successful, you have established that your FTP server is up and running, and that the authentication process was successful. You are now ready to try accessing your FTP server from outside of your local home network. If not, read the error messages provided by your FTP client and attempt to make sense of them, or post here and maybe someone can help you.


                      +++++++++++++++++++++++++++++++
                      Setup FTP client Software - testing public access
                      +++++++++++++++++++++++++++++++
                      Now all you have to do is enter a few settings into your FTP client software to access your FTP server.
                      NOTE: if your router doesn't have NAT loopback functionality, then you'll need to ...
                      1. call a friend to ask them to access your FTP server from their house.
                      2. bring your laptop to a neighbor's house, public hotspot, or work, and access your home network from a different location.
                      If you do have NAT loopback functionality, then you should be able to test public access from your own home.

                      1. If you used a dynamic DNS service and have acquired a domain name, use the domain name as the hostname.
                      If you didn't get a domain name, you must enter your home network's external/WAN IP address as the hostname. This IP address was determined using instruction number 2.
                      2. enter your kubuntu's username
                      3. enter your kubuntu's password
                      4. enter the port number 26
                      5. Now you are ready to connect to your newly installed home FTP server.

                      You should see the right side of the FTP client populate with folders and filenames.
                      If this test was successful, congratulations. If not, read the error messages provided by your FTP client and attempt to make sense of them, or post here and maybe someone can help you.


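An added example, not part of the original post or of vsftpd itself: a small Python linter for the checks in steps 10, 11 and 15 above. It flags a comment placed on the same line as a setting, then compares listen_port plus the pasv_min_port to pasv_max_port range against the ports forwarded on the router. The sample config and the forwarded-port list are constructed; ssl_enable is a vsftpd option the post does not set, and the defaults assumed here are listen_port 21, no passive range, and ssl_enable NO.

```python
import re

# Constructed sample based on the post, with the step-15 same-line comment mistake.
SAMPLE_CONF = """\
listen=YES
# set the inbound traffic port
listen_port=26 # activates port 26
pasv_max_port=7004
pasv_min_port=7000
rsa_cert_file=/etc/ssl/private/vsftpd.pem
"""

def parse_conf(text):
    """Return (settings, problems); problems are (line_no, message) pairs."""
    settings, problems = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # blank line or whole-line comment
        key, sep, value = line.partition("=")
        if re.search(r"\s#", value):  # heuristic for a trailing comment
            problems.append((n, "comment on the same line as a setting"))
            value = value.split("#", 1)[0]  # intended value, for the port check
        elif not sep or key != key.strip() or value != value.strip():
            problems.append((n, "not a clean option=value line"))
        settings[key.strip()] = value.strip()
    return settings, problems

def audit(text, forwarded):
    """Return (ports vsftpd needs, findings) given the router's forwarded ports."""
    settings, problems = parse_conf(text)
    findings = [f"line {n}: {msg}" for n, msg in problems]
    needed = {int(settings.get("listen_port", 21))}  # control port
    lo, hi = (int(settings.get(k, 0)) for k in ("pasv_min_port", "pasv_max_port"))
    if 0 < lo <= hi:
        needed |= set(range(lo, hi + 1))  # passive-mode data ports
    else:
        findings.append("no usable pasv_min_port/pasv_max_port range")
    for label, ports in (("needed but not forwarded", needed - set(forwarded)),
                         ("forwarded but not used by vsftpd", set(forwarded) - needed)):
        if ports:
            findings.append(f"{label}: {sorted(ports)}")
    if settings.get("ssl_enable", "NO").upper() != "YES":  # assumed default NO
        findings.append("ssl_enable is not YES: logins are sent unencrypted")
    return sorted(needed), findings

if __name__ == "__main__":
    # Constructed router state: port 21 left forwarded, 7004 forgotten.
    for f in audit(SAMPLE_CONF, [21, 26, 7000, 7001, 7002, 7003])[1]:
        print(f)
```

Once the firewalls from steps 5 and 6 are switched back on, the first value returned by audit() is the list of inbound TCP ports they still need to allow.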