[SPlutard]

I've got an Ubuntu server (10.04.4) running vsftpd as an offsite backup server. The goal is to be able to use FTP(S) to periodically mirror important files. [My 3rd-party PC backup software doesn't support SFTP.] At the moment, login attempts on port 21 hang and timeout UNLESS I am simultaneously logged in via SSH. Because of this, I have a feeling the problem might be with iptables settings, but I'm not sure.

I know the port is open, as nmap gives:

Starting Nmap 5.00 ( http://nmap.org ) at 2012-03-20 16:15 CDT
Interesting ports on xx.xxx.xx.x:
Not shown: 995 closed ports
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
53/tcp  open  domain
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

I don't see anything wrong with my iptables rules, but here they are (for INPUT):

lucas@rearden:~$ sudo iptables -L INPUT
Chain INPUT (policy DROP)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            multiport dports ssh
ufw-before-logging-input  all  --  anywhere             anywhere
ufw-before-input  all  --  anywhere             anywhere
ufw-after-input  all  --  anywhere             anywhere
ufw-after-logging-input  all  --  anywhere             anywhere
ufw-reject-input  all  --  anywhere             anywhere
ufw-track-input  all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp

Any thoughts or resources that might help?

[fatbunny]

There is FTP, SFTP and then FTP over SSH. Sounds like you have FTP over SSH setup rather than just FTP. See here