Re: HOWTO : Create a FTP server with user access (proftpd)
wow! great guide!
i managed to use your guide as a base for setting up my own multi user server (see here: http://ubuntuforums.org/showthread.php?t=466582)
but, i wanted to try encrypted FTP, and i managed to follow your instructions and now my server operates only on SSL (as i would like...) but when i try to connect this is the output i get
Code:
WinSock 2.0 -- OpenSSL 0.9.8b 04 May 2006
[R] Connecting to 192.168.2.88 -> IP=192.168.2.88 PORT=1396
[R] Connected to 192.168.2.88
[R] 220 you're at home
[R] AUTH TLS
[R] 234 AUTH TLS successful
[R] Connected. Negotiating TLSv1 session..
[R] error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
[R] Failed TLSv1 negotiation, disconnected
[R] Connection failed (Connection closed by client)
[R] Delaying for 120 seconds before reconnect attempt #1
[R] Retry attempt Aborted
this output comes from flashfxp 3.4.0 running on windows x64
any ideas?
Re: HOWTO : Create a FTP server with user access (proftpd)
Quote:
Originally Posted by
Darth_tater
wow! great guide!
i managed to use your guide as a base for setting up my own multi user server (see here:
http://ubuntuforums.org/showthread.php?t=466582)
but, i wanted to try encrypted FTP, and i managed to follow your instructions and now my server operates only on SSL (as i would like...) but when i try to connect this is the output i get
Code:
WinSock 2.0 -- OpenSSL 0.9.8b 04 May 2006
[R] Connecting to 192.168.2.88 -> IP=192.168.2.88 PORT=1396
[R] Connected to 192.168.2.88
[R] 220 you're at home
[R] AUTH TLS
[R] 234 AUTH TLS successful
[R] Connected. Negotiating TLSv1 session..
[R] error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
[R] Failed TLSv1 negotiation, disconnected
[R] Connection failed (Connection closed by client)
[R] Delaying for 120 seconds before reconnect attempt #1
[R] Retry attempt Aborted
this output comes from flashfxp 3.4.0 running on windows x64
any ideas?
I never could get encryption to work either but from what I see, you're trying to use 2 different protocols, TLSv1 and SSLv3, those can't communicate properly I don't think. Is there an preference within FlashFXP for the encypt protocol that is used? sorry I couldn't be of more help.
Re: HOWTO : Create a FTP server with user access (proftpd)
Darth_tater, Are you sure to have selected the right protocol ? The instruction in my guide are for TLS encryption (also called FTPS) not SSL (which is called SFTP).
Re: HOWTO : Create a FTP server with user access (proftpd)
uhh, as ia said above flashfxp 3.4.0 running on windows x64
here is a screenshot...
http://img338.imageshack.us/img338/2774/ftpdl4.th.jpg
Re: HOWTO : Create a FTP server with user access (proftpd)
Could you try with another FTP client just to be sure that it's not a FTP client issue, ? If you have firefox you can try the fireFTP extension it has TLS support.
Re: HOWTO : Create a FTP server with user access (proftpd)
nvm fixed it**
post edited**
Re: HOWTO : Create a FTP server with user access (proftpd)
I haven't tried this in a very long time but I just found this and it may or may not help you. BUt according to this link: http://www.verio.com/support/documen...fm?doc_id=2261
you need to ensure that your server will accept various ciphers of the TLS/SSL encryption so they suggest adding this to your TLS section within your proftpd.conf file.
TlsCipherList ALL:!EXP
As I said, don't know if it will help, just found it and thought what the hell, might as well let him know. Good luck
Re: HOWTO : Create a FTP server with user access (proftpd)
I have followed the guide step by step but I can't get it to work. I try to log on to my servers ftp from IE, I type the correct port and the login box pops up. I enter the correct information and the box dissapears and it start to load, then nothing happens, it never gets passed the loading part. Anyone who has a solution for this?
Re: HOWTO : Create a FTP server with user access (proftpd)
Heinrisch, we need more details to help you like your config, you proftpd.conf, the log of your FTP client and in general all informations that can help to make an analysis. Without that it will be hard to help you.
Re: HOWTO : Create a FTP server with user access (proftpd)
This is my config:
Code:
# To really apply changes reload proftpd after modifications.
AllowOverwrite on
AuthAliasOnly on
# Choose here the user alias you want !!!!
UserAlias samba userftp
ServerName "wihoo"
ServerType standalone
DeferWelcome on
MultilineRFC2228 on
DefaultServer on
ShowSymlinks off
TimeoutNoTransfer 600
TimeoutStalled 100
TimeoutIdle 2200
DisplayFirstChdir .message
ListOptions "-l"
RequireValidShell off
TimeoutLogin 20
RootLogin off
# It's better for debug to create log files ;-)
ExtendedLog /var/log/ftp.log
TransferLog /var/log/xferlog
SystemLog /var/log/syslog.log
#DenyFilter \*.*/
# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
UseFtpUsers off
# Allow to restart a download
AllowStoreRestart on
# Port 21 is the standard FTP port, so you may prefer to use another port for security reasons (choose here the port you want)
Port 1112
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 8
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
PersistentPasswd off
MaxClients 8
MaxClientsPerHost 8
MaxClientsPerUser 8
MaxHostsPerUser 8
# Display a message after a successful login
AccessGrantMsg "welcome !!!"
# This message is displayed for each access good or not
ServerIdent on "you're at home"
# Set /home/FTP-shared directory as home directory
DefaultRoot /home/FTP-shared
# Lock all the users in home directory, ***** really important *****
DefaultRoot ~
MaxLoginAttempts 5
#VALID LOGINS
<Limit LOGIN>
AllowUser userftp
DenyALL
</Limit>
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
Its basically the same as the example, I thinkn I only changed the username and the port. Im running the latest version of the ubuntu server.
This is what my ftp log says:
Code:
...
::ffff:192.168.1.1 UNKNOWN nobody [14/Jun/2007:22:22:16 -0400] "USER samba" 331 -
::ffff:192.168.1.1 UNKNOWN userftp [14/Jun/2007:21:22:16 -0500] "PASS (hidden)" 230 -
::ffff:192.168.1.1 UNKNOWN userftp [14/Jun/2007:21:22:16 -0500] "CWD /" 250 -
::ffff:192.168.1.1 UNKNOWN userftp [14/Jun/2007:21:22:16 -0500] "TYPE A" 200 -
::ffff:192.168.1.1 UNKNOWN userftp [14/Jun/2007:21:22:16 -0500] "PASV" 227 -
...
When I try to log this happens:
I connect, get respons from server asking me for password, sending back password and then it timeouts..