Hello, I don't know what happen, but pure-ftp has stopped. My log : Code: Oct 15 14:52:52 xxxxxxxx systemd[1]: Started pure-ftpd-mysql.service. Oct 15 14:52:52 xxxxxxxx pure-ftpd: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem Oct 15 14:53:01 xxxxxxxx CRON[2585]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Oct 15 14:53:01 xxxxxxxx CRON[2586]: (root) CMD (/usr/local/rtm/bin/rtm 39 > /dev/null 2> /dev/null) Oct 15 14:53:01 xxxxxxxx CRON[2584]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Oct 15 14:53:09 xxxxxxxx pure-ftpd: ([email protected]) [INFO] New connection from 104.158.87.181 Oct 15 14:53:09 xxxxxxxx pure-ftpd: ([email protected]) [WARNING] Sorry, cleartext sessions and weak ciphers are not accepted on this server.#012Please reconnect using TLS security mechanisms. Oct 15 14:53:09 xxxxxxxx ntpd[641]: 12.167.151.1 local addr 94.23.214.34 -> <null> Oct 15 14:53:33 xxxxxxxx pure-ftpd: ([email protected]) [INFO] New connection from 104.158.87.181 Oct 15 14:53:33 xxxxxxxx pure-ftpd: ([email protected]) [WARNING] Sorry, cleartext sessions and weak ciphers are not accepted on this server.#012Please reconnect using TLS security mechanisms. Oct 15 14:54:01 xxxxxxxx CRON[2708]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Oct 15 14:54:01 xxxxxxxx CRON[2707]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Oct 15 14:54:01 xxxxxxxx CRON[2706]: (root) CMD (/usr/local/rtm/bin/rtm 39 > /dev/null 2> /dev/null) Oct 15 14:55:01 xxxxxxxx CRON[2834]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Oct 15 14:55:01 xxxxxxxx CRON[2835]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Oct 15 14:55:01 xxxxxxxx CRON[2836]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null) Oct 15 14:55:01 xxxxxxxx CRON[2842]: (root) CMD (/usr/local/rtm/bin/rtm 39 > /dev/null 2> /dev/null) Oct 15 14:55:03 xxxxxxxx pure-ftpd: (?@::1) [INFO] New connection from ::1 Oct 15 14:55:03 xxxxxxxx pure-ftpd: (?@::1) [INFO] Logout. Oct 15 14:55:03 xxxxxxxx dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=</tlBn0V4opYAAAAAAAAAAAAAAAAAAAAB> Oct 15 14:55:03 xxxxxxxx dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<J9pBn0V42oQAAAAAAAAAAAAAAAAAAAAB> Oct 15 14:55:03 xxxxxxxx postfix/smtpd[3029]: warning: cannot load 1024-bit DH parameters from file /etc/ssl/private/dhparams.pem: No such file or directory -- using compiled-in defaults Oct 15 14:55:03 xxxxxxxx postfix/smtpd[3029]: connect from localhost[::1] Oct 15 14:55:03 xxxxxxxx postfix/smtpd[3029]: lost connection after CONNECT from localhost[::1] Oct 15 14:55:03 xxxxxxxx postfix/smtpd[3029]: disconnect from localhost[::1] commands=0/0 Oct 15 14:55:05 xxxxxxxx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=<[email protected]>, method=PLAIN, rip=38.126.119.72, lip=94.23.214.34, session=<dFkcn0V427UmfndI> Tk for your help
I do that : At the origin, I don't know I try this openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048 ok for pure ftp but I have always this pb : Oct 15 15:11:18 xxxxxx pure-ftpd: ([email protected]) [WARNING] Sorry, cleartext sessions and weak ciphers are not accepted on this server.#012Please reconnect using TLS security mechanisms.
There the result : do see anything : Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.1.13 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.0.30-0+deb9u1 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 1112) [INFO] I found the following mail server(s): Postfix (PID 1037) [INFO] I found the following pop3 server(s): Dovecot (PID 742) [INFO] I found the following imap server(s): Dovecot (PID 742) [INFO] I found the following ftp server(s): PureFTP (PID 4984) ##### LISTENING PORTS ##### (seulement () Adresse (distante) [localhost]:10027 (1037/master) [anywhere]:587 (1037/master) [localhost]:11211 (559/memcached) [anywhere]:110 (742/dovecot) [anywhere]:143 (742/dovecot) [anywhere]:465 (1037/master) [anywhere]:21 (4984/pure-ftpd) ***.***.***.***:53 (557/named) [localhost]:53 (557/named) [anywhere]:22 (735/sshd) [anywhere]:25 (1037/master) [localhost]:953 (557/named) [anywhere]:993 (742/dovecot) [anywhere]:995 (742/dovecot) [localhost]:8998 (561/php-fpm:) [localhost]:10024 (1290/amavisd-new) [localhost]:10025 (1037/master) [localhost]:10026 (1290/amavisd-new) [localhost]:3306 (730/mysqld) *:*:*:*::*:587 (1037/master) [localhost]10 (742/dovecot) [localhost]43 (742/dovecot) *:*:*:*::*:80 (1112/apache2) *:*:*:*::*:8080 (1112/apache2) *:*:*:*::*:465 (1037/master) *:*:*:*::*:8081 (1112/apache2) *:*:*:*::*:21 (4984/pure-ftpd) *:*:*:*::*:53 (557/named) *:*:*:*::*:22 (735/sshd) *:*:*:*::*:25 (1037/master) *:*:*:*::*:953 (557/named) *:*:*:*::*:443 (1112/apache2) *:*:*:*::*:993 (742/dovecot) *:*:*:*::*:995 (742/dovecot) *:*:*:*::*:10024 (1290/amavisd-new) *:*:*:*::*:10026 (1290/amavisd-new) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination f2b-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21 f2b-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993 f2b-postfix tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25,465,587 f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain f2b-dovecot-pop3imap (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-postfix (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-pureftpd (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-sshd (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0
The warning means server does not accept weak cipher. This is a good thing. That is how you should configure the server. Are you using very old version of Filezilla? Are you trying to use insecure FTP? What setting do you use when connecting from Filezilla?
For filezila 3.33 cryptage : ftp explicit on TLS. I tried different choice, always the same pb. authentification normal
I tried by command, result Could be a certificate on my computer ? Code: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 16:36. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. Name (clicshopping.com:oitsuki): xxxxxxxx 421-Sorry, cleartext sessions and weak ciphers are not accepted on this server. 421 Please reconnect using TLS security mechanisms. Login failed.
I suspect you have done mistakes in Perfect Server quide chapter 14 Install PureFTPd and Quota Check the setup.
I recreate the certificate like explain section 14: https://www.howtoforge.com/tutorial...-stretch-apache-bind-dovecot-ispconfig-3-1/2/ same problem result Code: Starting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -O clf:/var/log/pure-ftpd/transfer.log -A -b -J ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA -H -D -8 UTF-8 -Y 2 -u 1000 -E -B Oct 15 16:57:20 ns304677 systemd[1]: Started pure-ftpd-mysql.service. pure-ftpd: ([email protected]) [WARNING] Sorry, cleartext sessions and weak ciphers are not accepted on this server.#012Please reconnect using TLS security mechanisms.
Have you checked you have done correctly all of chapter 14? What about this part: Code: chmod 600 /etc/ssl/private/pure-ftpd.pem
yes, there my all certificates Code: -rw-r--r-- 1 root root 3164 juil. 22 00:37 apache.pem -rw------- 1 root root 1460 juil. 22 00:37 dovecot.pem -rw------- 1 root root 1704 juil. 22 00:37 xxxxxxx.ip-xx-23-xxxx.eu.key -rw-r--r-- 1 root root 424 oct. 15 15:10 pure-ftpd-dhparams.pem -rw------- 1 root root 3172 oct. 15 16:57 pure-ftpd.pem -rw-r----- 1 root ssl-cert 1704 juil. 22 00:29 ssl-cert-snakeoil.key
etc/ssl/private# /etc/init.d/pure-ftpd-mysql restart [ ok ] Restarting pure-ftpd-mysql (via systemctl): pure-ftpd-mysql.service. don't want.
