PureFTP over TLS

Discussion in 'Tips/Tricks/Mods' started by corpus, Aug 31, 2011.

  1. corpus

    corpus Member

    Hello
    I had some errors to login in pureftpd server with TLS session enabled and filezilla with FTPES - FTP over explicit TLS/SSL

    after a litlle search in google found that the problem is the firewall.
    When i disabled firewall rules from ispconfig i can login
    So the solution that worked for me is

    first run as root
    Code:
    grep -i ftps /etc/services
    my results in debian 6
    Code:
    ftps-data	989/tcp				# FTP over SSL (data)
ftps		990/tcp
    add port 989 in Open TCP ports in your ispconfig firewall records
    :):)
    works !!
     
    Last edited: Aug 31, 2011
    corpus, Aug 31, 2011
    #1
  2. gertk

    gertk New Member

    gertk, Oct 22, 2011
    #2
  3. corpus

    corpus Member

    Your solution works

    Your solution works, mine works for a wile
    thanks
     
    corpus, Oct 31, 2011
    #3
  4. denpark

    denpark New Member

    do i need to add port 990 also? it doesn't seem to be in my list.
     
    denpark, Nov 7, 2011
    #4
  5. corpus

    corpus Member

    denpark try only the gertk solution

    faqforge.com/linux/controlpanels/ispconfig3/how-to-set-the-passiveportrange-in-pure-ftpd-on-denian-and-ubuntu-linux/

    My solution works only for a while
    But i don΄t know if only passive connections is ok
     
    corpus, Nov 8, 2011
    #5
  6. denpark

    denpark New Member

    denpark, Nov 8, 2011
    #6
  7. maumar

    maumar Member

    Hello
    I am not able to have FTP over Explicit TLS
    I have ftp over TLS, listening on port 21
    I would have ftp listening on port
    ftps-data 989/tcp # FTP over SSL (data)
    ftps 990/tcp

    But pure-ftp is listening on port 21 only

    Please advice
    Many thnx
     
    maumar, Jan 25, 2018
    #7
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    By default, FTP servers listen on port 21. When passive mode is used, then FTP opens a port that is within its configured passive port range after the initial connect:

    https://www.faqforge.com/linux/cont...ange-in-pure-ftpd-on-denian-and-ubuntu-linux/

    And in case that your intention is to force TLS for all connections, then alter the file /etc/pure-ftpd/conf/TLS and set the value to 2 on Debian and Ubuntu. On CentOS, you can find the TLS settings in the pure-ftpd.conf file instead.
     
    till, Jan 25, 2018
    #8
  9. maumar

    maumar Member

    this is ok, this is working fine.
    But
    we have a mikrotik behind server.
    Sserver has public static ip, and there is a mikrotik that recognize protocol and opens up passive ports.
    when protocol is ftps (ftp over implicit/explicit tls) mikrotik is not able to recognize protocol.
    so we need ftps on port 990 on server, so we can point filezilla toward port 990 and we opens mikrotik on connections toward port 990
    We are not able to have pure-ftpd listening on port 990, this is the issue
    I hope this is not too much confusive
    many regards
     
    maumar, Jan 25, 2018
    #9
  10. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    If you only want to use a different port (debian/ubuntu), do:
    Code:
    echo ",990" > /etc/pure-ftpd/conf/Bind
     
    Croydon, Jan 25, 2018
    #10

Share This Page