Menu

Trouble transferring files via FTP to vsftpd running on AWS EC2 instance

Help
Kevin Price-Ward
2020-01-27
2020-01-28

  • Kevin Price-Ward

    Kevin Price-Ward - 2020-01-27

    Hi,

    I'm having real trouble getting fullsync working with vsftpd on a small Amazon EC2 instance. I'm able to connect to it fine with FileZilla and other FTP clients, but fullsync is proving problematic.

    I'm doing a publish/update from a local directory on my Mac to a FTP server which I've set up on AWS EC2 with vsFTPd.

    I'm trying to do this over old style, non-TLS FTP connection, I have enabled the correct ports on EC2 and I think I have my vsftpd conf file configured correctly.

    I have managed to connect, I think, but no files are being transferred to my FTP server, here is the log file from fullsync:

    6873059 [Thread-83] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - putFile: file:///Users/kevin.price-ward/Documents/4x4tyres/test
6873611 [Thread-83] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - putFile: ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com/
6873616 [Thread-83] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - putFile: file:///Users/kevin.price-ward/Documents/4x4tyres/test/04-wheel-detail-page.png
6873886 [Thread-83] DEBUG StateDecider - 04-wheel-detail-page.png; 1197819 Bytes Fri Nov 22 17:02:50 GMT 2019 vs. 04-wheel-detail-page.png; -
6873886 [Thread-83] DEBUG StateDecider - destination missing
6873886 [Thread-83] DEBUG TaskGeneratorImpl - 04-wheel-detail-page.png: [Add(Destination) BU: Destination; Rec: true - Add]
6896410 [ActionPerformer] INFO FullSync - Synchronization started
6896410 [ActionPerformer] INFO FullSync -   source:      /Users/kevin.price-ward/Documents/4x4tyres/test
6896410 [ActionPerformer] INFO FullSync -   destination: ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com:21/
6896423 [ActionPerformer] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - putFile: ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com/04-wheel-detail-page.png
6896693 [ActionPerformer] ERROR FullSync - Exception
org.apache.commons.vfs2.FileSystemException: Could not write to "ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com/04-wheel-detail-page.png".
    at org.apache.commons.vfs2.provider.AbstractFileObject.getOutputStream(AbstractFileObject.java:1439)
    at org.apache.commons.vfs2.provider.DefaultFileContent.getOutputStream(DefaultFileContent.java:461)
    at org.apache.commons.vfs2.provider.DefaultFileContent.getOutputStream(DefaultFileContent.java:441)
    at net.sourceforge.fullsync.fs.connection.CommonsVfsConnection.writeFile(CommonsVfsConnection.java:134)
    at net.sourceforge.fullsync.fs.connection.AbstractFile.getOutputStream(AbstractFile.java:180)
    at net.sourceforge.fullsync.impl.FileCopyEntryDescriptor.getOutputStream(FileCopyEntryDescriptor.java:64)
    at net.sourceforge.fullsync.buffer.BlockBuffer.flush(BlockBuffer.java:89)
    at net.sourceforge.fullsync.impl.FillBufferTaskExecutor.flush(FillBufferTaskExecutor.java:165)
    at net.sourceforge.fullsync.Synchronizer.performActions(Synchronizer.java:122)
    at net.sourceforge.fullsync.ui.TaskDecisionPage$2.run(TaskDecisionPage.java:219)
    at java.base/java.lang.Thread.run(Thread.java:844)
Caused by: org.apache.commons.vfs2.FileSystemException: Cant open output connection for file "ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com/04-wheel-detail-page.png". Reason: "550 Permission denied.
".
    at org.apache.commons.vfs2.provider.ftp.FtpFileObject.doGetOutputStream(FtpFileObject.java:648)
    at org.apache.commons.vfs2.provider.AbstractFileObject.getOutputStream(AbstractFileObject.java:1431)
    ... 10 more
6896695 [ActionPerformer] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - close fs: file:///
6896695 [ActionPerformer] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - close fs: ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com/
6896696 [ActionPerformer] INFO FullSync - synchronization successful
6896696 [ActionPerformer] INFO FullSync - ------------------------------------------------------------
GUIUpdateQueue<TaskFinishedEvent>::doUpdate: 1
6899242 [main] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - close fs: file:///
6899242 [main] DEBUG org.apache.commons.vfs2.cache.SoftRefFilesCache - close fs: ftp://ec2-3-19-185-105.us-east-2.compute.amazonaws.com/

    To me it looks like a permission error? But the FTP user I am connecting with has full write access so I'm not sure.

    Also here is my vsftpd.conf file in case there's an issue with the way I have it configured:

    # 
# You may activate the "-R" option to the builtin ls. This is disabled by 
# default to avoid remote users being able to cause excessive I/O on large 
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume 
# the presence of the "-R" option, so there is a strong case for enabling it. 
#ls_recurse_enable=YES 
# 
# When "listen" directive is enabled, vsftpd runs in standalone mode and 
# listens on IPv4 sockets. This directive cannot be used in conjunction 
# with the listen_ipv6 directive. 
listen=NO 
# 
# This directive enables listening on IPv6 sockets. By default, listening 
# on the IPv6 "any" address (::) will accept connections from both IPv6 
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6 
# sockets. If you want that (perhaps because you want to listen on specific 
# addresses) then you must run two copies of vsftpd with two configuration 
# files. 
# Make sure, that one of the listen options is commented !! 
listen_ipv6=YES 

pam_service_name=vsftpd 
userlist_enable=YES 
tcp_wrappers=YES 

pasv_enable=NO 
pasv_min_port=1024 
pasv_max_port=1048 
pasv_address=3.19.185.105 
allow_writeable_chroot=YES 

rsa_cert_file=/etc/ssl/private/vsftpd.pem 
rsa_private_key_file=/etc/ssl/private/vsftpd.pem 

#ssl_enable=YES 
#allow_anon_ssl=NO 
#force_local_data_ssl=YES 
#force_local_logins_ssl=YES 

#ssl_tlsv1=YES 
#ssl_sslv2=NO 
#ssl_sslv3=NO 
#require_ssl_reuse=NO 
#ssl_ciphers=HIGH

    Can anyone provide any insight here?
    Thanks in advance
    Kevin

     

    Last edit: Kevin Price-Ward 2020-01-27

  • Christoph

    Christoph - 2020-01-28

    Hi Kevin,
    have you tried uploading files with FileZilla or just tried to connect? From the log it looks like FullSync is able to connect but fails to upload a file because the server denies that.

    BUT: FTP is a horrible protocol. If at all possible use SFTP (filetransfer over SSH - not to be confused with FTPS which is just horrible FTP with TLS).

    I assume that you can SSH into your EC2 instance already, so using SFTP would remove an additional service that you need to expose to the internet.

    BR,
    Christoph

     

Log in to post a comment.