I have vsftpd working normally, listening on port 21. I was asked to get it going using SSL, i.e. FTPS on port 990.
This involves creating another config file, /etc/vsftpd/vsftpd_s.conf, which starts a second instance of vsftpd.
I also generated a private key and a digital certificate.
I have followed guides like: http://www.brennan.id.au/14-FTP_Server.html
When I try to connect it hangs at the login stage, even if I try from localhost (i.e. firewall rules are not a problem).
$ lftp -uaddw,SECRET -d -e "set use-feat off" ftps://localhost
lftp addw@localhost:~> dir
---- Connecting to localhost (::1) port 990
**** Socket error (Connection refused) - reconnecting
---- Closing control socket
---- Connecting to localhost (127.0.0.1) port 990
**** Timeout - reconnecting
---- Closing control socket
FileZilla shows "Connection established, initializing TLS..." before timing out.
This should be simple... please, can anyone offer any clues? Thanks!
The contents of my vsftpd_s.conf are:
implicit_ssl=YES
rsa_cert_file=/etc/vsftpd/vsftpd.pem
listen_port=990
ftp_data_port=989
# What follows is from vsftp.conf
anonymous_enable=NO
local_enable=YES
write_enable=NO
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to the XXXXXXXX FTP service.
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
listen=YES
userlist_deny=NO
userlist_file=/etc/vsftpd/user_list
[SOLVED] vsftpd cannot get to work with ftps
Re: vsftpd cannot get to work with ftps
The missing incantation was:
ssl_enable=YES
Also, since it is encrypted, the kernel module nf_nat_ftp cannot help to temporarily punch holes in the firewall, so I needed to add:
pasv_min_port=41200
pasv_max_port=41300
and allow those ports in through the firewall.
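A check for the two problems this thread ran into, as an added example that is not part of the original posts: it lints a vsftpd config for `implicit_ssl=YES` without `ssl_enable=YES`, and for an encrypted instance with no fixed passive port range to open in the firewall. The option names are vsftpd's own; the function names and the sample configs are constructed for illustration.

```python
# Added example, not from the thread. Option names are real vsftpd.conf
# settings; function names and the sample configs are constructed.

def parse_conf(text):
    """Parse vsftpd 'key=value' lines; return (settings, duplicated_keys)."""
    settings, duplicates = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key in settings and key not in duplicates:
            duplicates.append(key)
        settings[key] = value  # keep the last value seen for the checks below
    return settings, duplicates


def is_yes(settings, key, default="NO"):
    return settings.get(key, default).strip().upper() == "YES"


def lint_ftps(text):
    """Return a list of (code, message) findings for an FTPS instance."""
    settings, duplicates = parse_conf(text)
    findings = []
    if is_yes(settings, "implicit_ssl") and not is_yes(settings, "ssl_enable"):
        findings.append(("NO_SSL_ENABLE",
                         "implicit_ssl=YES is set but ssl_enable=YES is missing"))
    # With the control channel encrypted, a firewall FTP helper cannot read
    # the PASV reply, so the data ports must be a fixed, pre-opened range.
    if is_yes(settings, "ssl_enable") and is_yes(settings, "pasv_enable", "YES"):
        lo = int(settings.get("pasv_min_port", "0"))
        hi = int(settings.get("pasv_max_port", "0"))
        if lo == 0 or hi == 0:
            findings.append(("NO_PASV_RANGE",
                             "no fixed passive port range to allow through the firewall"))
        elif lo > hi:
            findings.append(("BAD_PASV_RANGE", "pasv_min_port exceeds pasv_max_port"))
    for key in duplicates:
        findings.append(("DUPLICATE", key + " is set more than once"))
    return findings


# Constructed samples: the relevant lines of the config as first posted,
# and the same config with the thread's fix applied.
BROKEN = "implicit_ssl=YES\nlisten_port=990\nlisten=YES\nlisten=YES\n"
FIXED = ("ssl_enable=YES\nimplicit_ssl=YES\nlisten_port=990\nlisten=YES\n"
         "pasv_min_port=41200\npasv_max_port=41300\n")

if __name__ == "__main__":
    for name, conf in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, lint_ftps(conf))
```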
- AlanBartlett
- Forum Moderator
Re: [SOLVED] vsftpd cannot get to work with ftps
Thank you for posting the solution ultimately used.
On your behalf (and for posterity) this thread is now marked [SOLVED].