The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ftp secure connections

Discussion in 'General Discussion' started by Radio_Head, Sep 2, 2003.

Thread Status:
Not open for further replies.
  1. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    Hello

    My clients want to connect to ftp using an encrypt connection for commands and data .

    Anyone knows how to offer ftp secure connections to users ?.

    Thank you!
     
    #1 Radio_Head, Sep 2, 2003
    Last edited: Sep 18, 2003
  2. ciphervendor

    ciphervendor Well-Known Member

    Joined:
    Aug 26, 2002
    Messages:
    1,052
    Likes Received:
    0
    Trophy Points:
    36
    I use ProFTP and cPanel recently added the ability to use TLS to connect to the machine. I would suggest that you have your client consider TLS over SSL and enable TLS in their FTP client. Further to this, cPanel doesn't verify the authenticity of the client certificate, so you can either use a fake one or try to connect without one.

    cPanel.net Support Ticket Number:
     
  3. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    i use proftp too , however is the first time I read about TLS .
    How to connect with TLS ? I use WsFTP and there is no menu regarding TLS ...

    Thank you!!

    cPanel.net Support Ticket Number:
     
  4. ciphervendor

    ciphervendor Well-Known Member

    Joined:
    Aug 26, 2002
    Messages:
    1,052
    Likes Received:
    0
    Trophy Points:
    36
    I don't use wsFTP, but rather an awesome alternative...smartftp.com

    Once you install smart ftp, you can go into the options and configure the ftp client to detect and connect via TLS.

    cPanel.net Support Ticket Number:
     
  5. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    tls use a particular port to connect ? Or use always port 21 ?
    I am trying to use smartftp but I am not able to connect using tls ...

    Thank you!

    cPanel.net Support Ticket Number:
     
  6. annamarie

    annamarie Member

    Joined:
    Jul 31, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Hello Radio_Head!

    Have you solved your tls/smartftp problem yet?

    I connect with smartftp and tls to my cpanel box running proftpd 1.2.8

    In smartftp you still use port 21.
    In settings - connection - ssl - set AUTH mode to TLS, data connection mode Private and tick Use client cert.

    Also, make sure next to your ftp address click the icon next to "address" and select "FTP over SSL explicit"

    Thats it!

    cPanel.net Support Ticket Number:
     
  7. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    Thank you Annamarie .


    However I have still problems to connect .

    I have proftpd-1.2.8tls-2_linuxprivs on my box , and it should be ok .

    I followed your instructions step by step but I receive

    220 ProFTPD 1.2.8 Server (ftp.mybox) [my_ip]
    AUTH TLS
    500 AUTH not understood



    on my proftpd.conf file I have this

    <IfModule mod_tls.c>
    TLSEngine on
    TLSProtocol TLSv1
    TLSRequired off
    TLSRSACertificateFile /etc/ftpd-rsa.pem
    TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
    TLSVerifyClient off
    </IfModule>


    All seems ok ,...argh..:( , why is it not working on my box ?
     
    #7 Radio_Head, Sep 3, 2003
    Last edited: Sep 3, 2003
  8. annamarie

    annamarie Member

    Joined:
    Jul 31, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Hi Radio Head,

    your proftpd.conf file looks the same as mine.

    Do you have the files /etc/ftpd-rsa.pem /etc/ftpd-rsa-key.pem on your box? I have them and they are dated Aug17.

    BTW i am running WHM 7.4.2 cPanel 7.4.2-S82
    RedHat 7.3 - WHM X v2.1

    I just checked in SmrtFTP and I can also connect not only through TLS, but TLS-C TLS-P and SSL.

    eg

    220 ProFTPD 1.2.8 Server (ProFTPD) [xx.xx.net]
    AUTH SSL
    234 AUTH SSL successful
    Connected. Exchanging encryption keys...
    Session Cipher: 128 bit RC4
    SSL encrypted session established.
    PBSZ 0
    200 PBSZ 0 successful


    FYI:
    # locate mod_tls.c
    /root/installd/buildapache/apache_1.3.27/src/os/netware/mod_tls.c
    /home/cpapachebuild/buildapache/apache_1.3.28/src/os/netware/mod_tls.c

    Hope this helps

    cPanel.net Support Ticket Number:
     
  9. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    Hi Annamarie

    I have mod_tls.c only on
    /home/cpapachebuild/buildapac~pache_1.3.28/src/os/netware/

    probably I will have to execute a /scripts/easyapache to fix the problem .


    Thanks a lot
     
    #9 Radio_Head, Sep 3, 2003
    Last edited: Sep 3, 2003
  10. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    nothing to do ... execute /scripts/easyapache but I still cannot connect using tls ...

    cPanel.net Support Ticket Number:
     
  11. NeutralGold

    NeutralGold Well-Known Member

    Joined:
    Jun 5, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    If I'm not mistakin you will need to generate a key for this? It uses an ssl key I believe because it allows me to connect to one of my site's that has an ssl key and the other's it won't.

    cPanel.net Support Ticket Number:
     
  12. annamarie

    annamarie Member

    Joined:
    Jul 31, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    I think NeutralGold is right, I have a self signed cert on my main domain, same ip as the sites I am ftping to.

    cPanel.net Support Ticket Number:
     
  13. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I tried it and I get the same error.

    I'm running proftpd-1.2.8tls-2_linuxprivs

    cPanel.net Support Ticket Number:
     
  14. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    I opened a ticket and I received this

    ========
    [cPanel tickets ID# 22672] Re:
    Ok this is a known issue I have been informed, The developers are now looking into it.
    ========

    ok ;)

    They are working also to permit us to connect
    via ftps on port 21 .

    cPanel.net Support Ticket Number: 22672
     
    #14 Radio_Head, Sep 4, 2003
    Last edited: Sep 4, 2003
  15. SigilStudios

    SigilStudios Member

    Joined:
    Apr 7, 2003
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    I am also very much interested in this. i had a ticket in for the exact same thing.

    What I would realy like is for them to support tls on PureFTPD. Now that would be spiffy. :)

    cPanel.net Support Ticket Number:
     
  16. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    still doesn't work ...

    cPanel.net Support Ticket Number:
     
  17. JPmorgan

    JPmorgan BANNED

    Joined:
    Aug 19, 2003
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
    God you are persistant! Why dont you calm down? If their bugs fixes are any indication on how often they read the forums, hardly ever, then I cant see how your going to speed up your request by bombing the thread you with repeated annoyance. Is that how they do it in Italy?

    cPanel.net Support Ticket Number:
     
  18. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    Of course I am persinstant because about 10 days ago on ticket they promised me resolution via forum . But after 10 day I cannot see any signal of the resolution neither via ticket neither via forum , and it's causing me problem with my users . My users are boring me each day , and for this i need to know why ftps is not working . Since no reply from ticket , and no reply from forum , ony way is to ask each day the status of the problem. I am not bombing , I am simply putting to the evidence of Darkorb the problem as THEY suggested me on Ticket 22672. Since I cannot sticky the discussion , only way to remember the problem to darkorb is bumping the ticket . I am bumping I am not bombing.

    The problem with ftps is not only on my box , I know it's a common problem for several cpanel clients. Major doesn't know simply because they don't care on security and use ftp instead of ftps .
    Do you have this problem with ftps or no ?
     
    #18 Radio_Head, Sep 16, 2003
    Last edited: Sep 16, 2003
  19. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Have you tried using the server's hostname or its IP as the FTP server host name?

    cPanel.net Support Ticket Number:
     
  20. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    Juanra with hostname tls works (!)
    I can login with tls or ftps ... implicit or explicit ..
    but my ftp client is not returning
    folders ... uhmm ...
     
    #20 Radio_Head, Sep 17, 2003
    Last edited: Sep 17, 2003
Loading...
Thread Status:
Not open for further replies.

Share This Page