[Solved] Insecure FTP Data Connection

Discussion in 'Installation/Configuration' started by yasine, Jun 27, 2024.

  1. yasine

    yasine Member

    I usually connect via SFTP to access files, but I need to create a plain FTP account for a client. This account should only have access to its website directory and not be able to view other server files. However, when testing the account, I received an error message stating that the server does not support TLS sessions. For reference, the entire server is set up following the Perfect Server guide, and ISPConfig is updated to its latest version.


    Here are some details that could be helpful:

    Code:
    root@cloud:~# cat /etc/pure-ftpd/conf/TLS
    1
    Code:
    root@cloud:/#ls -la /etc/ssl/private/
    total 16
    drwx--x--- 2 root ssl-cert 4096 Jun  3 11:14 .
    drwxr-xr-x 4 root root     4096 May 22 21:59 ..
    lrwxrwxrwx 1 root root       50 Jun  3 10:32 pure-ftpd-dhparams.pem -> /usr/local/ispconfig/interface/ssl/dhparam4096.pem
    lrwxrwxrwx 1 root root       48 Jun  3 11:14 pure-ftpd.pem -> /usr/local/ispconfig/interface/ssl/ispserver.pem
    -rw------- 1 root root     3002 Jun  3 10:31 pure-ftpd.pem-20240603103158.bak
    lrwxrwxrwx 1 root root       48 Jun  3 10:32 pure-ftpd.pem-20240603111427.bak -> /usr/local/ispconfig/interface/ssl/ispserver.pem
    -rw-r----- 1 root ssl-cert 1704 Jun  3 10:28 ssl-cert-snakeoil.key

    The pure-ftpd.pem-20240603111427.bak is from the ISPConfig backup after the update.

    Code:
    root@cloud:/# netstat -tap | grep ftp
    tcp        0      0 65.20.107.161.vul:40195 0.0.0.0:*               LISTEN      1564505/pure-ftpd (
    tcp        0      0 0.0.0.0:ftp             0.0.0.0:*               LISTEN      1562799/pure-ftpd (
    tcp        0      0 65.20.107.161.vul:40195 41.141.232.123:18270    ESTABLISHED 1564505/pure-ftpd (
    tcp        0      0 65.20.107.161.vultr:ftp 41.141.232.123:18269    ESTABLISHED 1564505/pure-ftpd (
    tcp6       0      0 [::]:ftp                [::]:*                  LISTEN      1562799/pure-ftpd (
     
  2. yasine

    yasine Member

    Resolved by restarting the pure-ftpd-mysql service.
     
    ahrasis likes this.
  3. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    FTP usually works out of the box since your setup follows the ISPConfig PST, but restarting the pure-ftpd-mysql service is a good start to check, though I am a little bit confused why it didn't work the first time you tried.

    You did have the TLS and certs in place in the first place during your earlier test, right?

    And it also should have been restarted after the ISPConfig update, applying the new certs.

    Or maybe because you never use it and had disabled it?

    A web server manual or auto install should normally have ftp enabled by default unless it is disabled somewhere after setup.

    Whatever was the cause, since you are now using it, I would suggest you monitor it in monit and set it to restart if it was somehow disabled.
     
    yasine likes this.
  4. yasine

    yasine Member

    Yes, the FTP works of course; the problem I had is that it was not over TLS. I think it was after updating ISPConfig to the last version, and I kept the old certificate, so for best practice, I think, restarting the pure-ftpd-mysql service after each ISPConfig update.
     
    ahrasis likes this.
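
A check for the condition this thread ended on (no TLS until pure-ftpd-mysql was restarted after a certificate change), as an added example that is not part of any post above: it compares the certificate pure-ftpd serves on port 21 with the one on disk. The function names are illustrative, and it assumes the OpenSSL CLI is installed and the `/etc/ssl/private/pure-ftpd.pem` path from the first post.

```shell
#!/usr/bin/env bash
# Added example: does pure-ftpd offer TLS, and with the certificate currently on disk?
# Assumptions: OpenSSL CLI available; CERT_FILE is the symlink listed in the first post.

CERT_FILE="${CERT_FILE:-/etc/ssl/private/pure-ftpd.pem}"

# Reduce "sha256 Fingerprint=AA:BB:..." (label case varies by OpenSSL version)
# to bare lowercase hex so two fingerprints can be compared as strings.
norm_fp() {
    printf '%s\n' "$1" | sed -e 's/^.*=//' | tr -d ': \r\n' | tr 'A-F' 'a-f'
}

# SHA-256 fingerprint of the first certificate in the PEM file on disk.
disk_fp() {
    norm_fp "$(openssl x509 -in "$1" -noout -fingerprint -sha256)"
}

# SHA-256 fingerprint of the certificate served on the FTP control port
# after AUTH TLS. Fails (returns 1) when no TLS handshake completes.
served_fp() {
    local out
    out=$(openssl s_client -connect "$1:21" -starttls ftp </dev/null 2>/dev/null |
          openssl x509 -noout -fingerprint -sha256 2>/dev/null) || return 1
    norm_fp "$out"
}

# Classify the result. $1 = on-disk fingerprint, $2 = served fingerprint.
# An empty served value means the server did not complete a TLS handshake.
tls_state() {
    if [ -z "$2" ]; then echo "NO_TLS"
    elif [ "$1" = "$2" ]; then echo "OK"
    else echo "STALE_CERT"
    fi
}

main() {
    local host state
    host="$1"
    state=$(tls_state "$(disk_fp "$CERT_FILE")" "$(served_fp "$host" || true)")
    echo "pure-ftpd TLS on $host: $state"
    # Non-zero exit on NO_TLS or STALE_CERT, so a scheduled job can react,
    # for example by restarting pure-ftpd-mysql as was done in this thread.
    [ "$state" = "OK" ]
}

# Run only when a hostname is given, e.g.: ./check-ftp-tls.sh localhost
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Run it as root (the PEM file is not world-readable) after each ISPConfig update or certificate renewal.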
