FTP additional accounts

[mrclmb]

Hi,

We have just setup our own internal cpanel server and are having issues with using additional ftp accounts. Special admin acconts will connect to cpanel using SFTP with no problems. If I create an additional account and use FTP, the connection is denied with the following error:

Conection refused. Your connection attempt was rejected. The server may be down or your network may not properly be configured.

This error occurs either typing the details in manually or using the configuration files dowloaded for cyberduck from the cpanel webserver. I am using the [email protected] details to try to connect to the server.

I have tried enabling broken ftp clients and re-installing pure-ftpd without effect and passive ftp should enabled by default.

Details of our install are as follows:

/envtype ; grep CPANEL= /etc/cpupdate.conf
/etc/redhat-release:CentOS Linux release 7.6.1810 (Core)
/usr/local/cpanel/version:11.80.0.11
/var/cpanel/envtype:vmware
CPANEL=release

Thanks,

Tim

 

[sparek-3]

Are you trying to connect with SFTP or with regular FTP?

Note, these are two different systems. FTP is based off of pure-ftpd (usually... proftpd is another FTP service that cPanel supports). SFTP is based off of SSH.

SFTP won't work for additional FTP users... at least as far as I know - in cPanel iteration of SFTP.

ProfTPDd has an extension that allows SFTP through ProFTPd. I actually suggested many years ago that cPanel consider implementing this in their system, but it got no traction. I've implemented this myself on our servers and I've tied in the additional FTP users with this. But it goes beyond what cPanel will provide and it involves a lot of server setup - there's no "click this button and it's done"

 

[mrclmb]

Hi,

Thanks for the reply, I am using regular FTP for the additional users.

 

[sparek-3]

Can you verify the FTP home directory for this specific FTP sub user is set correctly?

cat /etc/proftpd/%cpaneluser% | grep ^[email protected] | awk -F ":" '{print $6}' | xargs -n1 ls -ald

replacing %cpaneluser% with the overall cPanel account of the account you are referring to and [email protected] with the full FTP subuser username that you are referring to.

I'm wondering if this issue might be related to what I have found regarding the thread:

New Thread - Sub FTP accounts - home directory overwrite?

 

[mrclmb]

Hi,

Thanks for the reply. I have ran the command and my home directory does not appear to have an @ symbol in them, and edited output of the command is:

/home/username/public_html/websitename/subusername

I also ran the code in the quoted thread and no directories were returned.

 

[cPanelLauren]

Based on:

Conection refused. Your connection attempt was rejected

It sounds like the connection attempt is being rejected by the server which would mean that there's something blocking it. Can you confirm that ports 21 and 20 are both open and you might want to ensure that passive ports are open.

 

[mrclmb]

Hi,

Thanks for your reply.I have configured passive ports and port 21 is open. I have added port 20 to the firewall in the underlying centos OS however it still shows as being closed. Is there a way of opening port 20 in WHM?

Thanks,

Tim