Cannot Get FTP to work ?

I've spent numberous days trying to ber able to connect to my ISPConfig 3 server using FTP and cannot get It to work. Has anyone else had simular problems & If YES how did they sort out the problem ?

Any response would be better than NONE

regards CMSITS

 

thanks Till for responding so quickly.

where do i find the ftp log file ?

I'm using FileZilla to connect and using root & root/passwd ?

I'm at the bottom of page 4
http://www.howtoforge.com/perfect-server-centos-6.4-x86_64-apache2-dovecot-ispconfig-3-p4

 

DID > require explicit FTP over TLS

I've added an attachment:
require explicit FTP over TLS

As shown NO details I added step by step at the bottom of page 4 ?

Connecting to 192.168.1.121:21...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 16:14. Server port: 21.
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: AUTH TLS
Response: 234 AUTH TLS OK.
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER root
Status: TLS/SSL connection established.
Response: 331 User root OK. Password required
Command: PASS **********
Response: 530 Login authentication failed
Error: Critical error
Error: Could not connect to server

CHECK LOGS:
pureftpd.log = Empty

ssl_error_log =
[Sun May 12 16:00:20 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

error.log =
[Sun May 12 15:40:19 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun May 12 15:40:19 2013] [notice] Digest: generating secret for digest authentication ...
[Sun May 12 15:40:19 2013] [notice] Digest: done
[Sun May 12 15:40:19 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations
[Sun May 12 15:56:00 2013] [notice] caught SIGTERM, shutting down
[Sun May 12 15:56:01 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun May 12 15:56:01 2013] [notice] Digest: generating secret for digest authentication ...
[Sun May 12 15:56:01 2013] [notice] Digest: done
[Sun May 12 15:56:02 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fcgid/2.3.7 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured --
resuming normal operations

No log handling enabled - turning on stderr logging
Created directory: /var/lib/net-snmp/mib_indexes
[Sun May 12 15:57:58 2013] [notice] caught SIGTERM, shutting down
No log handling enabled - turning on stderr logging
Created directory: /var/lib/net-snmp/mib_indexes
[Sun May 12 15:57:59 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun May 12 15:57:59 2013] [notice] Digest: generating secret for digest authentication ...
[Sun May 12 15:57:59 2013] [notice] Digest: done
[Sun May 12 15:57:59 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fcgid/2.3.7 PHP/5.3.3 mod_ruby/1.3.0 Ruby/1.8.7(2011-06-30) mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

[Sun May 12 16:00:18 2013] [notice] caught SIGTERM, shutting down
[Sun May 12 16:00:19 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun May 12 16:00:19 2013] [notice] Digest: generating secret for digest authentication ...
[Sun May 12 16:00:19 2013] [notice] Digest: done
[Sun May 12 16:00:20 2013] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Sun May 12 16:00:20 2013] [notice] mod_python: using mutex_directory /tmp
[Sun May 12 16:00:20 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fcgid/2.3.7 PHP/5.3.3 mod_python/3.3.1 Python/2.6.6 mod_ruby/1.3.0 Ruby/1.8.7(2011-06-30) mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

What does that mean?
What have I missed?
I've gone over what I done step by step by the guide

 

Yes accepted the certificate
(should'nt that have the details I added on It?)
and still didn't connect

 

Here are the settings I'm using In filezilla
Am I missing something simple ??

 

I'm quite new to this & the tutorial Bottom of page 4 says :
That's it. You can now try to connect using your FTP client; however, you should configure your FTP client to use TLS.
http://www.howtoforge.com/perfect-server-centos-6.4-x86_64-apache2-dovecot-ispconfig-3-p4

this is well before ISPConfig Is Installed ???

I can connect using SFTP

But why is It not showing the details I added when doing this >

In order to use TLS, we must create an SSL certificate. I create it in /etc/ssl/private/, therefore I create that directory first:

mkdir -p /etc/ssl/private/

Afterwards, we can generate the SSL certificate as follows:

openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

Country Name (2 letter code) [XX]: <-- Enter your Country Name (e.g., "DE").
State or Province Name (full name) []: <-- Enter your State or Province Name.
Locality Name (eg, city) [Default City]: <-- Enter your City.
Organization Name (eg, company) [Default Company Ltd]: <-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []: <-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, your name or your server's hostname) []: <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
Email Address []: <-- Enter your Email Address.

Change the permissions of the SSL certificate:

chmod 600 /etc/ssl/private/pure-ftpd.pem

 

That certificate will never be used.
AND
It cannot be done before ISPConfig is installed as you stated.

Please look here

http://www.howtoforge.com/forums/showthread.php?t=61799

 

You could move the certificate you created using:

Code:

mv /etc/ssl/private/pure-ftpd.pem /etc/pki/pure-ftpd/pure-ftpd.pem
chmod 600 pure-ftpd.pem

OR

You could create a symbolic link to the certificate you created using:

Code:

ln -s /etc/ssl/private/pure-ftpd.pem /etc/pki/pure-ftpd/pure-ftpd.pem

 

I removed the #
from TLS
and saved restarted proftpd & still can't connect with filezilla ftp

I've created website & created ftp user for that website and added the firewall record for the server all in ISPconfig 3 cp

What have I missed ?

 

Connecting to 192.168.1.121:21...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 18:43. Server port: 21.
Response: 220-This is a private system - No anonymous login
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: USER cmsits
Response: 331 User cmsits OK. Password required
Command: PASS **********
Response: 530 Login authentication failed
Error: Critical error
Error: Could not connect to server

 

Connecting to 192.168.1.121:21...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 18:45. Server port: 21.
Response: 220-This is a private system - No anonymous login
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: AUTH TLS
Response: 234 AUTH TLS OK.
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER cmsits
Status: TLS/SSL connection established.
Response: 331 User cmsits OK. Password required
Command: PASS **********
Response: 530 Login authentication failed
Error: Critical error
Error: Could not connect to server

 

Seems everything goes through ok but refuses password ?

 

I don't know about proftpd. I am using and referring to pure-ftpd. I also use FileZilla to connect.

You shouldn't need to add a firewall record, unless perhaps you've setup an alternate port somewhere, or you've created your own firewall rule that blocks the default port.

I don't know. Sorry Maybe, check that the username and passwords you are using are actually correct? .. Just a suggestion.

 

Sorry I meant PureFTPd

I added the default firewall record for server. (thought I had to, but removed now)

Its puzzelling me. can't seem to get ftp to work atall.
even on virtual machines I've set up on laptop
checked and re-checked usernames and passwords

 

May 13 08:55:43 centos1 pure-ftpd: ([email protected]) [INFO] New connection from 192.168.1.100
May 13 08:55:43 centos1 pure-ftpd: ([email protected]) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with AES256-SHA, 256 secret bits cipher
May 13 08:55:48 centos1 pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [cmsits]
May 13 08:55:48 centos1 pure-ftpd: ([email protected]) [INFO] Logout.
May 13 09:00:01 centos1 pure-ftpd: (?@::1) [INFO] New connection from ::1
May 13 09:00:01 centos1 pure-ftpd: (?@::1) [INFO] Logout.