我在 ec2 实例上配置 vsftpd 时遇到了一个非常奇怪的问题:我已将 ftp 服务器配置为使用 TLS 上的 ftp,并且它在 filezilla 上运行良好,但是我无法使用任何文本编辑器 ftp 模块进行连接(我尝试使用 notepad++ 和 webstorm)。我认为问题可能出在 SSL 上,所以我首先将其更改为简单的不安全 FTP,然后尝试使其工作。现在 FTP 客户端又可以正常工作了(filezilla、total commander),但成功连接后,上述文本编辑器给我以下错误:
Failure retrieving contents of directory /
我尝试了所有方法,但目前还不知道问题出在哪里。以下是我的 vsftp 配置:
listen=NO
listen_ipv6=YES
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
chroot_list_enable=NO
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=ftp
ssl_enable=NO
pasv_enable=YES
pasv_min_port=1024
pasv_max_port=1048
port_enable=YES
pasv_address=[EC2_PUBLIC_DOMAIN]
pasv_addr_resolve=YES
有人知道问题出在哪里吗?欢迎大家提供帮助。谢谢。
更新(服务器端日志)
Filezilla:
Sat Jan 14 20:01:06 2017 [pid 8099] CONNECT: Client "::ffff:178.48.165.229"
Sat Jan 14 20:01:06 2017 [pid 8099] FTP response: Client "::ffff:178.48.165.229", "220 (vsFTPd 3.0.3)"
Sat Jan 14 20:01:06 2017 [pid 8099] FTP command: Client "::ffff:178.48.165.229", "AUTH TLS"
Sat Jan 14 20:01:06 2017 [pid 8099] FTP response: Client "::ffff:178.48.165.229", "530 Please login with USER and PASS."
Sat Jan 14 20:01:06 2017 [pid 8099] FTP command: Client "::ffff:178.48.165.229", "AUTH SSL"
Sat Jan 14 20:01:06 2017 [pid 8099] FTP response: Client "::ffff:178.48.165.229", "530 Please login with USER and PASS."
Sat Jan 14 20:01:06 2017 [pid 8099] FTP command: Client "::ffff:178.48.165.229", "USER dev_back"
Sat Jan 14 20:01:06 2017 [pid 8099] [dev_back] FTP response: Client "::ffff:178.48.165.229", "331 Please specify the password."
Sat Jan 14 20:01:06 2017 [pid 8099] [dev_back] FTP command: Client "::ffff:178.48.165.229", "PASS <password>"
Sat Jan 14 20:01:06 2017 [pid 8098] [dev_back] OK LOGIN: Client "::ffff:178.48.165.229"
Sat Jan 14 20:01:06 2017 [pid 8100] [dev_back] FTP response: Client "::ffff:178.48.165.229", "230 Login successful."
Sat Jan 14 20:01:06 2017 [pid 8100] [dev_back] FTP command: Client "::ffff:178.48.165.229", "PWD"
Sat Jan 14 20:01:06 2017 [pid 8100] [dev_back] FTP response: Client "::ffff:178.48.165.229", "257 "/" is the current directory"
记事本++:
Sat Jan 14 20:01:37 2017 [pid 8102] CONNECT: Client "::ffff:178.48.165.229"
Sat Jan 14 20:01:37 2017 [pid 8102] FTP response: Client "::ffff:178.48.165.229", "220 (vsFTPd 3.0.3)"
Sat Jan 14 20:01:37 2017 [pid 8102] FTP command: Client "::ffff:178.48.165.229", "USER dev_back"
Sat Jan 14 20:01:37 2017 [pid 8102] [dev_back] FTP response: Client "::ffff:178.48.165.229", "331 Please specify the password."
Sat Jan 14 20:01:37 2017 [pid 8102] [dev_back] FTP command: Client "::ffff:178.48.165.229", "PASS <password>"
Sat Jan 14 20:01:37 2017 [pid 8101] [dev_back] OK LOGIN: Client "::ffff:178.48.165.229"
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "230 Login successful."
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "TYPE A"
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "200 Switching to ASCII mode."
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "MODE S"
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "200 Mode set to S."
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "STRU F"
Sat Jan 14 20:01:37 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "200 Structure set to F."
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "PWD"
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "257 "/" is the current directory"
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "CWD /"
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "250 Directory successfully changed."
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "PASV"
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "227 Entering Passive Mode (0,0,0,0,4,2)."
Sat Jan 14 20:01:38 2017 [pid 8103] [dev_back] FTP command: Client "::ffff:178.48.165.229", "LIST"
Sat Jan 14 20:02:38 2017 [pid 8103] [dev_back] FTP response: Client "::ffff:178.48.165.229", "425 Failed to establish connection."
Filezilla自带日志:
2017-01-14 21:27:41 4856 1 Response: 220 (vsFTPd 3.0.3)
2017-01-14 21:27:41 4856 1 Command: AUTH TLS
2017-01-14 21:27:41 4856 1 Response: 530 Please login with USER and PASS.
2017-01-14 21:27:41 4856 1 Command: AUTH SSL
2017-01-14 21:27:41 4856 1 Response: 530 Please login with USER and PASS.
2017-01-14 21:27:41 4856 1 Status: Insecure server, it does not support FTP over TLS.
2017-01-14 21:27:41 4856 1 Command: USER dev_back
2017-01-14 21:27:41 4856 1 Response: 331 Please specify the password.
2017-01-14 21:27:41 4856 1 Command: PASS ***********
2017-01-14 21:27:42 4856 1 Response: 230 Login successful.
2017-01-14 21:27:42 4856 1 Command: SYST
2017-01-14 21:27:42 4856 1 Response: 215 UNIX Type: L8
2017-01-14 21:27:42 4856 1 Command: FEAT
2017-01-14 21:27:42 4856 1 Response: 211-Features:
2017-01-14 21:27:42 4856 1 Response: EPRT
2017-01-14 21:27:42 4856 1 Response: EPSV
2017-01-14 21:27:42 4856 1 Response: MDTM
2017-01-14 21:27:42 4856 1 Response: PASV
2017-01-14 21:27:42 4856 1 Response: REST STREAM
2017-01-14 21:27:42 4856 1 Response: SIZE
2017-01-14 21:27:42 4856 1 Response: TVFS
2017-01-14 21:27:42 4856 1 Response: 211 End
2017-01-14 21:27:42 4856 1 Status: Server does not support non-ASCII characters.
2017-01-14 21:27:42 4856 1 Status: Logged in
2017-01-14 21:27:42 4856 1 Status: Retrieving directory listing...
2017-01-14 21:27:42 4856 1 Command: PWD
2017-01-14 21:27:42 4856 1 Response: 257 "/" is the current directory
2017-01-14 21:27:42 4856 1 Command: TYPE I
2017-01-14 21:27:42 4856 1 Response: 200 Switching to Binary mode.
2017-01-14 21:27:42 4856 1 Command: PASV
2017-01-14 21:27:42 4856 1 Response: 227 Entering Passive Mode (0,0,0,0,4,12).
2017-01-14 21:27:42 4856 1 Status: Server sent passive reply with unroutable address. Using server address instead.
2017-01-14 21:27:42 4856 1 Command: LIST
2017-01-14 21:27:42 4856 1 Response: 150 Here comes the directory listing.
2017-01-14 21:27:42 4856 1 Response: 226 Directory send OK.
2017-01-14 21:27:42 4856 1 Status: Directory listing of "/" successful
答案1
2017 年 1 月 14 日星期六 20:01:38 [pid 8103] [dev_back] FTP 响应:客户端“::ffff:178.48.165.229”,“227 进入被动模式(0,0,0,0“,4,2)”。
当设置公共时,这看起来像是 vsftpd FTP 服务器的一个错误,pasv_address并且服务器有一个(本地)IPv6 地址(EC2 的情况是这样的)。
我在 Server Fault 问题上发布了更多关于该 bug 的信息即使 pasv_address 正确,Vsftpd 也会使用 0,0,0,0 地址进行被动回复。
FileZilla 可以忽略无效的 IP 地址:
2017-01-14 21:27:42 4856 1 响应:227 进入被动模式 (0,0,0,0,4,12)。2017-01-14
21:27:42 4856 1 状态:服务器发送了带有不可路由地址的被动回复。改用服务器地址。
但 Notepad++ 不能。