Have you created the SSL Certs for proftpd? Did you get any errors when you restart proftpd or try to connect with TLS?
I thought the certs were already created. No errs on restarting proftpd, but when trying to FTP using TLS I get the following error:
Code:
    AUTH TLS
    500 AUTH not understood
    SER user
    331 Password required for user.
    PASS **********
    230 User user logged in.
Well, I can finally connect. I had the wrong setting in my FTP client (changed from "AUTH TLS" to "SSH/FTPS"). However, the user is not in a '~' jail. How do I fix this? EDIT: Ah, it's just like an ssh session. Whoops! So I still need TLS to work, which it doesn't currently.
Well, that would do it, but I figured out I was connecting over an SSH tunnel. "DefaultRoot ~" is in "/etc/proftpd_ispconfig.conf", which is included in "/etc/proftpd.conf". I still can't connect with TLS though.
Does your proftpd.conf contain these lines:
Code:
    TLSEngine on
    TLSLog /var/log/tls.log
    TLSProtocol SSLv23
    TLSOptions NoCertRequest
    TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem
    TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem
    TLSVerifyClient off
The lines may vary a bit, depending on your Linux distribution.
Nope, it certainly did not. I added those lines but I need to create the ".pem" files (I already did a "locate *.pem" and got nothing). Is there a method I should follow? Thanks!!!
Please use this command to generate the SSL certificates.
Code:
    openssl req -new -x509 -days 365 -nodes -out /etc/ssl/certs/proftpd.cert.pem -keyout /etc/ssl/certs/proftpd.key.pem
Thanks. Did that, but I'm still getting this error:
Code:
    AUTH TLS
    500 AUTH not understood
    SER user
    331 Password required for user.
I'm using CoreFTP with the attached as connection settings. EDIT: I did also restart the proftp daemon.
Code:
    /etc/init.d/proftpd restart
Have you tried the other options, Auth SSL and SSL direct? Or tried to uncheck the ssl-listings and ssl-transfers checkboxes? Any errors in the logfiles when you restart proftpd?
Auth SSL gives the same err and SSL direct gives:
Code:
    SSL/TLS error - 0, SSL error - 1
    SSL Connection not established
I think it's connecting using TLS, but the AUTH command is simply not recognized, for whatever reason. I don't exactly get any errors, but I did this:
Code:
    # grep proftpd /var/log/syslog
    Jan 20 11:17:21 bismarck proftpd[11480]: y.y.y.y (my.workplace.com[x.x.x.x]) - FTP session opened.
    Jan 20 11:17:53 bismarck proftpd[11480]: y.y.y.y (my.workplace.com[x.x.x.x]) - FTP session closed.
That's all I can find. I'm at a loss at this point.
Just guessing: Maybe the TLS code must be placed inside the proftpd virtual configurations. They are in the file that is included at the end of proftpd.conf.
Are you talking about putting this...
Code:
    # Uncomment this if you would use TLS module:
    TLSEngine on
    TLSLog /var/log/tls.log
    TLSProtocol SSLv23
    TLSOptions NoCertRequest
    TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem
    TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem
    TLSVerifyClient off
...into...
Code:
    /etc/proftpd_ispconfig.conf
...instead of...
Code:
    /etc/proftpd.conf
...or do you mean something else?
Yes, I mean putting it in /etc/proftpd_ispconfig.conf inside the <virtualhosts 192.168.0.1> ..... </virtualhost> tags.
Done. Initially I got this error:
Code:
    # /etc/init.d/proftpd restart
    Restarting ProFTPD ftp daemon.proftpd. .. - Fatal: TLSProtocol: directive not allowed in <VirtualHost> context on line 15 of '/etc/proftpd_ispconfig.conf' . done.
...so I commented out the directive...
Code:
    TLSProtocol SSLv23
...and now the daemon restarts with no errors. However, my FTP client stops after "AUTH TLS successful":
Code:
    Resolving my.server.net...
    Connect socket #1492 to x.x.x.x, port 21...
    220 ProFTPD 1.2.10 Server (bismarck) [y.y.y.y]
    AUTH TLS
    234 AUTH TLS successful
...nothing after that, and no directory listing. I've tried different options as before. Any ideas?
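Added example, not part of any post in this thread: a small pre-restart check for the two context mistakes the posts above ran into, namely TLS directives that sit only in the main server config while the session is handled by a `<VirtualHost>`, and `TLSProtocol` placed inside one. The function names and the sample config are constructed for illustration; the rule set reflects only the behaviour reported here for ProFTPD 1.2.10, only `<VirtualHost>` blocks are tracked, and included files are assumed to be pasted inline.

```python
import re

# Directive the thread's ProFTPD 1.2.10 rejected inside <VirtualHost>
# (from the "directive not allowed" error quoted in the last post).
SERVER_ONLY = {"TLSProtocol"}

def tls_contexts(conf_text):
    """Map each context to the TLS* directives (name -> value) set in it."""
    contexts = {"server config": {}}
    current = "server config"
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        opened = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        if opened:
            current = "VirtualHost " + opened.group(1).strip()
            contexts.setdefault(current, {})
        elif re.match(r"</VirtualHost>", line, re.I):
            current = "server config"
        elif line.startswith("TLS"):
            parts = line.split(None, 1)
            contexts[current][parts[0]] = parts[1] if len(parts) > 1 else ""
    return contexts

def lint(conf_text):
    """Return findings for the two mistakes seen in the thread."""
    findings = []
    for ctx, directives in tls_contexts(conf_text).items():
        if not ctx.startswith("VirtualHost"):
            continue
        if directives.get("TLSEngine", "").lower() != "on":
            findings.append(f"{ctx}: TLSEngine is not on in this context "
                            "(thread symptom: 500 AUTH not understood)")
        for name in sorted(SERVER_ONLY.intersection(directives)):
            findings.append(f"{ctx}: {name} not allowed in this context")
    return findings

# Constructed sample: main config with the included file's contents inlined.
SAMPLE = """\
TLSEngine on
TLSProtocol SSLv23
<VirtualHost 192.168.0.1>
  DefaultRoot ~
  TLSProtocol SSLv23
</VirtualHost>
"""

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```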