Code:
root@ubuntu:~# systemctl restart proftpd.service
Job for proftpd.service failed because the control process exited with error code. See "systemctl status proftpd.service" and "journalctl -xe" for details.
im getting that error, i cant paste my TLS conf file cause its on a vmware machine and i dont know how to scroll it down to select more info to paste the entire thing in linux
i was following an old guide on how to install and setup proftpd and openssl but it doesnt work
heres my TLS file
Code:
#
# Proftpd sample configuration for FTPS connections.
#
# Note that FTPS impose some limitations in NAT traversing.
# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
# for more information.
#
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv23
#TLSCipherSuit AES128+EECDH:AES128+EDH
#TLSOptions NoCertRequest AllowClientRenegotiations
#TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem
#TSLRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem
#TLSVerifyClient off
#TLSRequired on
#RequireValidShell no
# a command like:
#
# openssl req -x509 -newkey rsa:1024 \
# -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt$
# -nodes -days 365
#
# The proftpd.key file must be readable by root only. The other file can be
# readable by anyone.
#
chmod 0600 /etc/ssl/private/proftpd.key
chmod 0640 /etc/ssl/private/proftpd.key
#
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
#
# CA the server trusts...
TLSCACertificateFile /etc/ssl/certs/CA.pem
# ...or avoid CA cert and be verbose
TLSOptions NoCertRequest EnableDiags
chmod 0640 /etc/ssl/private/proftpd.key
#
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
#
# CA the server trusts...
TLSCACertificateFile /etc/ssl/certs/CA.pem
# ...or avoid CA cert and be verbose
TLSOptions NoCertRequest EnableDiags
# ... or the same with relaxed session use for some clients (e.g. FireFtp)
TLSOptions NoCertRequest EnableDiags NoSessionReuseRequired
#
#
# Per default drop connection if client tries to start a renegotiate
# This is a fix for CVE-2009-3555 but could break some clients.
#
TLSOptions AllowClientRene$
#
# Authenticate clients that want to use FTP over TLS?
TLSOptions NoCertRequest EnableDiags NoSessionReuseRequired
#
#
# Per default drop connection if client tries to start a renegotiate
# This is a fix for CVE-2009-3555 but could break some clients.
#
TLSOptions AllowClientRene$
#
# Authenticate clients that want to use FTP over TLS?
#
TLSVerifyClient off
#
# Are clients required to use FTP over TLS when talking to this server?
#
TLSRequired off
#
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations. Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
TLSVerifyClient off
#
# Are clients required to use FTP over TLS when talking to this server?
#
TLSRequired off
#
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations. Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
#
TLSRenegotiate required off
</IfModule>
not sure if thats even the problem or not or why im getting an error restarting proftpd