vsftpd on CentOS 6 SSL/TLS
Hello,
I am using FileZilla, the latest version 3.7.4.1 on Windows 7, connecting to a CentOS 6.5 Server with vstp installed. I am getting the following, it allowed me to confirm my selfsigned cert. Response: 220 Welcome to XXX XXX. sFTP service. Command: AUTH TLS Response: 234 Proceed with negotiation. Status: Initializing TLS... Status: Verifying certificate... Command: USER ftp Status: TLS/SSL connection established. Response: 530 Anonymous sessions may not use encryption. Error: Could not connect to server Status: Waiting to retry... It just does not seem to want to allow me to connect using TLS My vsftpd config follows # Uncomment this to allow local users to log in. local_enable=YES # Uncomment this to enable any form of FTP write command. write_enable=YES # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # Switches between logging into vsftpd_log_file and xferlog_file files. # NO writes to vsftpd_log_file, YES to xferlog_file xferlog_std_format=YES # You may change the default value for timing out an idle session. idle_session_timeout=600 # You may change the default value for timing out a data connection. data_connection_timeout=120 # You may fully customise the login banner string: ftpd_banner=Welcome to XXX XXX. sFTP service. # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). chroot_local_user=YES chroot_list_enable=YES # (default follows) chroot_list_file=/etc/vsftpd/chroot_list # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES # ssl_enable=YES force_local_data_ssl=YES force_local_logins_ssl=YES ssl_ciphers=HIGH #listen_port=990 #debug_ssl=YES pam_service_name=vsftpd userlist_enable=YES #userlist_deny=YES userlist_deny=NO tcp_wrappers=YES max_per_ip=2 force_dot_files=NO rsa_cert_file=/etc/ssl/private/vsftpd.pem rsa_private_key_file=/etc/ssl/private/vsftpd.pem ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=YES pasv_enable=YES port_enable=YES pasv_min_port=10001 pasv_max_port=10009 #pasv_address=X.X.X.X The ports are mapped through the Router. This is driving me up the wall. |
All times are GMT -5. The time now is 08:43 AM. |