LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-27-2013, 07:14 AM   #1
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Rep: Reputation: 16
Proftpd with ssl


HI Friends,

How to configure proftpd with ssl. I am using centos 5.3
I need to enable both implicit and explicit ssl/tls options in the proftpd.

Please help me.

Thanks
 
Old 02-27-2013, 07:18 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
there are LOADS of guides about this online ready and waiting for you./ Pick one that looks suitable to your needs and if you have a *SPECIFIC* issue, please ask for help.
 
Old 02-27-2013, 11:06 AM   #3
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Original Poster
Rep: Reputation: 16
proftpd ssl

Quote:
Originally Posted by acid_kewpie View Post
there are LOADS of guides about this online ready and waiting for you./ Pick one that looks suitable to your needs and if you have a *SPECIFIC* issue, please ask for help.
Hi Thank you for the reply

I tried But only explicit with ssl working and implicit not working and i am getting failed retrive directory listing error.
some gnu utils error specifically I need implicit ssl/over tls need So please help me
thanks
 
Old 02-27-2013, 11:29 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by saran_redhat View Post
Hi Thank you for the reply
I tried But only explicit with ssl working and implicit not working and i am getting failed retrive directory listing error.
some gnu utils error specifically I need implicit ssl/over tls need So please help me
thanks
Ok, again, just saying "I tried", tells us nothing. WHAT did you try? What instructions did you follow? What message(s)/error(s) are you getting???

And did you bother to check the proFTP website, where this is covered and explained VERY WELL???
http://www.proftpd.org/docs/howto/TLS.html
http://www.proftpd.org/docs/contrib/mod_tls.html

From the ProFTPD website:
Quote:
Originally Posted by ProFTPD Website
Question: How come mod_tls does not support "implicit" FTPS (i.e. automatically encrypting sessions on port 990)?
Answer: The short answer is because the Draft no longer specifies support for such a mode. Here is a description of why the alternatives to the current mode (client-requested encryption using standard control channel) are "bad".
Read the rest on the website.
 
Old 02-27-2013, 12:04 PM   #5
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by TB0ne View Post
Ok, again, just saying "I tried", tells us nothing. WHAT did you try? What instructions did you follow? What message(s)/error(s) are you getting???

And did you bother to check the proFTP website, where this is covered and explained VERY WELL???
http://www.proftpd.org/docs/howto/TLS.html
http://www.proftpd.org/docs/contrib/mod_tls.html

From the ProFTPD website:

Read the rest on the website.
h[/I]


Hi Friends
I am getting connection refused error and i got failed to retrieve directroy listing
and i am not able to directory listing in file filezilla so please i will inform my configuration file
Thank you fpr your message
 
Old 02-27-2013, 01:18 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by saran_redhat View Post
hI
Hi Friends
I am getting connection refused error and i got failed to retrieve directroy listing
and i am not able to directory listing in file filezilla so please i will inform my configuration file
Thank you fpr your message
..which STILL does not tell us anything new. AGAIN:
  1. What guides did you follow?
  2. Have you read/understood the links posted to the ProFTPD site?
  3. Did you bother to try to install the mod_tls plugin, as the ProFTPD site told you to, for implicit TLS?
  4. Did you get any error(s)/message(s) doing so??
Until you provide details or more information, posting the same question over and over is pointless, as is just coming back saying "please help me". You've posted in this thread three times, and nothing has changed yet, and you haven't even acknowledged you have read anything, or answered anyones questions.
 
Old 02-27-2013, 10:06 PM   #7
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Original Poster
Rep: Reputation: 16
proftpd with ssl

Quote:
Originally Posted by TB0ne View Post
..which STILL does not tell us anything new. AGAIN:
  1. What guides did you follow?
  2. Have you read/understood the links posted to the ProFTPD site?
  3. Did you bother to try to install the mod_tls plugin, as the ProFTPD site told you to, for implicit TLS?
  4. Did you get any error(s)/message(s) doing so??
Until you provide details or more information, posting the same question over and over is pointless, as is just coming back saying "please help me". You've posted in this thread three times, and nothing has changed yet, and you haven't even acknowledged you have read anything, or answered anyones questions.
Hi,

The got the following error.

150 Opening ASCII mode data connection for file list
Error: GnuTLS error -110: The TLS connection was non-properly terminated.
Error: Transfer connection interrupted: ECONNABORTED - Connection aborted
Response: 226-Transfer complete
Response: 226 Quotas off
Error: Failed to retrieve directory listing in filezilla

and this is my proftpd.conf configuration file.

ServerName "ProFTPD"
#ServerType standalone
ServerType inetd
DefaultServer on
<Global>
DefaultRoot ~ psacln
AllowOverwrite on
</Global>
DefaultTransferMode binary
UseFtpUsers on

<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv23
TLSOptions NoCertRequest
TLSRSACertificateFile /opt/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile /opt/ssl/proftpd.key.pem
TLSVerifyClient on
TLSRequired on
</IfModule>
Please advise me.
 
Old 02-28-2013, 03:22 AM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
so what do the server logs say? is you Google the error messages (You DID do that already, right?) You'll have already seen that often thislooks like a certificate error on the server side. And clearly as TLS is breaking, this is *NOT* actually abuot a denial of directory listings.

Note that errors to a client are intentionally NOT that useful, especially when it comes to security issues. What did your server side logs say when you looked at them?
 
Old 02-28-2013, 09:47 AM   #9
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by saran_redhat View Post
Hi,
The got the following error.

Please advise me.
Seriously???? Did you bother to read/understand the posts before this??
None of this tells us anything new. AGAIN:
  • What guides did you follow?
  • Have you read/understood the links posted to the ProFTPD site?
  • Did you bother to try to install the mod_tls plugin, as the ProFTPD site told you to, for implicit TLS?
  • Did you get any error(s)/message(s) doing so??
Until you provide details or more information, posting the same question over and over is pointless, as is just coming back saying "please help me". You've posted in this thread three times, and nothing has changed yet, and you haven't even acknowledged you have read anything, or answered anyones questions. All you've done here is AGAIN, post the same error.

PAY ATTENTION: Implicit TLS is very well explained on the Proftpd site. READ what's there, and then INSTALL the plugin and COMPILE ProFTPD with support built in. UNTIL YOU DO THIS, implicit TLS won't work, no matter how many times you come back and tell us it's not working.
 
Old 03-01-2013, 06:08 AM   #10
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Original Poster
Rep: Reputation: 16
Proftpd issue

Hi,

Thank you for the informations.

Now I sorted out this issues. Using only one changes in proftpd.conf
1. TLSoptions UseImplisitSSL and port 990
Then restart proftpd . Its working fine.

Thanks again

Can anyone tel Is it possible to use selfsigned certificate to use online server using proftpd.
Suggest me please

Quote:
Originally Posted by TB0ne View Post
Seriously???? Did you bother to read/understand the posts before this??
None of this tells us anything new. AGAIN:
  • What guides did you follow?
  • Have you read/understood the links posted to the ProFTPD site?
  • Did you bother to try to install the mod_tls plugin, as the ProFTPD site told you to, for implicit TLS?
  • Did you get any error(s)/message(s) doing so??
Until you provide details or more information, posting the same question over and over is pointless, as is just coming back saying "please help me". You've posted in this thread three times, and nothing has changed yet, and you haven't even acknowledged you have read anything, or answered anyones questions. All you've done here is AGAIN, post the same error.

PAY ATTENTION: Implicit TLS is very well explained on the Proftpd site. READ what's there, and then INSTALL the plugin and COMPILE ProFTPD with support built in. UNTIL YOU DO THIS, implicit TLS won't work, no matter how many times you come back and tell us it's not working.
 
1 members found this post helpful.
Old 03-01-2013, 10:34 PM   #11
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by saran_redhat View Post
Hi,
Thank you for the informations.

Now I sorted out this issues. Using only one changes in proftpd.conf
1. TLSoptions UseImplisitSSL and port 990
Then restart proftpd . Its working fine.
So you followed the instructions and it worked? Congratulations
Quote:
Thanks again

Can anyone tel Is it possible to use selfsigned certificate to use online server using proftpd.
Suggest me please
I will AGAIN suggest you READ THE INSTRUCTIONS. This is ALSO covered on the proftpd site.
 
Old 03-07-2013, 02:36 AM   #12
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Original Poster
Rep: Reputation: 16
Proftp Issed

Quote:
Originally Posted by TB0ne View Post
So you followed the instructions and it worked? Congratulations

I will AGAIN suggest you READ THE INSTRUCTIONS. This is ALSO covered on the proftpd site.
Hi Friends,

Again I facing new problem in the proftpd with Implicit SSL. Its working fine except Iphone and ipad FTP Application. Application name is Dictamus.
Its connecting the server but Not able to upload files.
I am getting 2 error

1.STOR Command Failed(451-DAC.MP$) Append /Restart not permitted, Try again.
2. Could Not send data (60) in the ipad appications.

Nothing error not showning in the logs


Note : this working fine in the filezilla and winscp.

Kindly Help me on this.
Thanks

Last edited by saran_redhat; 03-07-2013 at 02:48 AM.
 
Old 03-07-2013, 10:21 AM   #13
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,921

Rep: Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690Reputation: 3690
Quote:
Originally Posted by saran_redhat View Post
Hi Friends,
Again I facing new problem in the proftpd with Implicit SSL. Its working fine except Iphone and ipad FTP Application. Application name is Dictamus.
Its connecting the server but Not able to upload files.
I am getting 2 error

1.STOR Command Failed(451-DAC.MP$) Append /Restart not permitted, Try again.
2. Could Not send data (60) in the ipad appications.

Nothing error not showning in the logs Note : this working fine in the filezilla and winscp.
There is nothing we can help you WITH. This is obviously a problem with the iPad and iPhone application. Since you finally read the instructions and got implicit SSL working (and TESTED it), that's as far as it goes with Linux. You're not getting errors in the logs, and the errors you ARE getting are coming from the iPad/iPhone application.

So, contact the developers of that app, use another app, or write your own.
 
Old 03-11-2013, 11:36 PM   #14
saran_redhat
Member
 
Registered: May 2009
Location: chennai
Posts: 247

Original Poster
Rep: Reputation: 16
RegL Proftpd Issue

Quote:
Originally Posted by TB0ne View Post
There is nothing we can help you WITH. This is obviously a problem with the iPad and iPhone application. Since you finally read the instructions and got implicit SSL working (and TESTED it), that's as far as it goes with Linux. You're not getting errors in the logs, and the errors you ARE getting are coming from the iPad/iPhone application.

So, contact the developers of that app, use another app, or write your own.
Thanks for the reply.

I need one more help.
Is it possible to configure Proftp working with default port and SSL. Because some of my ftp users use the default port and other users use SSL port. Please help me on this .

Thanks
 
Old 03-12-2013, 04:52 AM   #15
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
no, that's nuts.

The point is SSL on FTP, implicit FTP, is decprecated, and should NOT BE USED. If you put implicit FTP on a normal FTP port then it is offiaically different protocol. Just like you can't run HTTPS on an HTTP URL. It makes NO SENSE to say that a client needs implicit SSL on port 21, that's not the standard and so would never be expected ever.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Proftpd and SSL/TLS mikeheggy Linux - Networking 3 12-19-2008 11:01 AM
Proftpd with SSL fails at LIST Cyberknox Linux - Server 0 07-20-2008 06:55 AM
Proftpd+SSL/TLS no folder listing g0ug0u Linux - Software 3 11-30-2007 12:30 PM
proftpd ssl problem pct1223 Linux - General 1 04-26-2006 09:23 PM
proftpd and SSL kurrupt Linux - Software 0 11-03-2004 12:39 AM


All times are GMT -5. The time now is 04:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration