Hi, i have pureftp setup and running to use ssl, i can connect from my main workstation to ftp users, but i can't from computers on other ips, ie laptop when away from home, wordpress setup for sftp connection. The logs shows a connection, Jun 8 19:45:57 server pure-ftpd: ([email protected]) [INFO] New connection from 64.119.200.111 Jun 8 19:46:22 server pure-ftpd: ([email protected]) [INFO] New connection from 64.119.200.111 tried different ftp clients, logs in them show Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 2 of 20 allowed. Response: 220-Local time is now 19:48. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. any ideas? thanks
By the looks of it you actually are logged in, so i'm guessing you don't get to see any folders/files list? Have you tried turning on passive ftp in the ftp client? (and if so are passive ports not blocked on the firewall?)
Hi and thanks for replies. Client is yummyftp full log output is as first post, here it is. << Connection : 1 >> << Date Time : 12/6/17 09:15:22 >> 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 20 allowed. 220-Local time is now 14:15. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. AUTH TLS yummy uses the cloud to sync ftp login details so i am using exactly the same settings that works on my desktop, which works fine. i tried filezilla and log out put is Status: Resolving address of mydomain.org Status: Connecting to 109.235.147.**:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 2 of 20 allowed. Response: 220-Local time is now 14:23. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command:AUTH TLS There is no active firewall on my laptop. The server firewall has ports open for passive ftp, which is what ftp clients are set to. The server is working fine as can connect from desktop ok? thanks
This is my filezilla console output: Code: Status: Resolving address of domain.tld Status: Connecting to x.x.x.x:21... Status: Connection established, waiting for welcome message... Status: Initializing TLS... Status: Verifying certificate... Status: TLS connection established. Status: Logged in Status: Retrieving directory listing... Status: Directory listing of "/" successful In filezilla you can try to do FTP without TLS, see if that works.
Tried all the options in filezilla, this is with no encryption Status: Resolving address of mydomain.com Status: Connecting to 109.235.147.**:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 20 allowed. Response: 220-Local time is now 00:08. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command:USER userftp Response: 421 Sorry, cleartext sessions are not accepted on this server. Error: Could not connect to server
Remember I can connect fine from my desktop using same setting in yummyftp on both desktop and laptop so connecting is not an issue, it is just not allowing ftp connections from laptop or wordpress sites?
You already posted the error: Response: 421 Sorry, cleartext sessions are not accepted on this server. What does filezilla say with TLS?
i believe that pureftp uses a site wide ssl which self signed! If is is an issue with cert why is it working with desktop ok?
If you can't connect outside the LAN, the problem must be blocked ports...? Try to define the passive ports for pure-ftpd and remember to open them in any firewall you use! I don't know if this can fix your problems, but it worked for me... I had similar problems a couple of days ago, after only allowing TLS connections... I my case, I have pure-ftpd-mysql installed, where I created "/etc/pure-ftpd/conf/PassivePortRange" and added ie. "40000 40500". (I also defined the server/ISP's WAN IP by adding it to "/etc/pure-ftpd/ForcePassiveIP".) But I must admit that I don't quite remember the problem or the errors I got, since it turned out that it was the program I used, that didn't supported TLS1.2. So I can't even tell if defining and opening the passive ports helped me.
Please note that the "Response: 421 Sorry, cleartext sessions are not accepted on this server." is only mentioned in the latest posted log! So I do think that there is a problem, but when trying to connect, you (carpman), must be sure that you are connection correctly! (o:
thanks for replies, as said i can connect fine from my desktop, this is not on the same lan as server, server is located at hosting company. I use yummyftp which syncs settings via dropbox so i am using exactly the same setting on laptop that work on my desktop, the current connection i am using has no firewall so closed ports should not be an issue. One of the previous logs mentions cleartext, this is because i was trying different option in filezilla. regarding ssl cert, if this is an issue why is working fine on desktop? From what i see from logs it looks like i am logged in, but ftpclient is not recognising this? Client is yummyftp full log output is as first post, here it is. << Connection : 1 >> << Date Time : 12/6/17 09:15:22 >> 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 20 allowed. 220-Local time is now 14:15. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. AUTH TLS
