The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FTPS and Pure FTP - Working?

Discussion in 'General Discussion' started by myusername, Nov 5, 2006.

  1. myusername

    myusername Well-Known Member
    PartnerNOC

    Joined:
    Mar 6, 2003
    Messages:
    691
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    chown -R us.*yourbase*
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I am seeing a lot of old threads on this with conflicting results.

    Does anyone know the current state of FTPS and Pure FTP?

    I notice in the welcome message from the server is says:

    --Welcome To Pure-FTPD[TLS]--

    But this is coming from a log in a program that does not support TLS as far as I know. (old WS_FTP LE) So I am assuming the welcome messages is just that, a message and not indicating the connection has performed the TLS handshake.

    I tried a newer FTP client built into Firefox which has TLS options available but none of them seem to work on port 21, which was my understanding as how cPanel finally decided to integrate TLS into the ftp daemon.

    Anyone have any updated info on this?
     
  2. david510

    david510 Well-Known Member

    Joined:
    Aug 22, 2004
    Messages:
    473
    Likes Received:
    0
    Trophy Points:
    16
    ftps needs jailshell access enabled for the account.
     
  3. myusername

    myusername Well-Known Member
    PartnerNOC

    Joined:
    Mar 6, 2003
    Messages:
    691
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    chown -R us.*yourbase*
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    No, that would be SFTP.

    I am talking about FTPs which is FTP over TLS. Completely diffferent from SFTP which is SSH File Transfer Protocol and is pointless to enable on cPanel IMHO since you have to give out a shell or hack it with rssh just to allow access.

    Anyways the answer to my own questions is yes thats just a message header and does not mean that one has successfully connected to the FTP server over TLS.
     
    #3 myusername, Nov 6, 2006
    Last edited: Nov 6, 2006
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    This is what FTP with TLS/SSL should look like if successful (from a standard cPanel install):

    I use FlashFXP as my FTP client.
     
  5. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Got some problems myself with FTP over TLS. Seems it times out when it tries to retrieve the listing of files. Anyone know why? See the log below.

    Code:
    Status:	Connecting to xxxxxx ...
    Status:	Connected with xxxxxx, negotiating SSL connection...
    Response:	220---------- Welcome to Pure-FTPd [TLS] ----------
    Response:	220-You are user number 6 of 50 allowed.
    Response:	220-Local time is now 20:42. Server port: 21.
    Response:	220-This is a private system - No anonymous login
    Response:	220-IPv6 connections are also welcome on this server.
    Response:	220 You will be disconnected after 15 minutes of inactivity.
    Command:	AUTH TLS
    Response:	234 AUTH TLS OK.
    Status:	SSL connection established. Waiting for welcome message...
    Command:	USER xxxxxx
    Response:	331 User xxxxxx OK. Password required
    Command:	PASS *********
    Response:	230-User xxxxxx has group access to:  xxxxxx
    Response:	230 OK. Current restricted directory is /
    Command:	FEAT
    Response:	211-Extensions supported:
    Response:	 EPRT
    Response:	 IDLE
    Response:	 MDTM
    Response:	 SIZE
    Response:	 REST STREAM
    Response:	 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
    Response:	 MLSD
    Response:	 ESTP
    Response:	 PASV
    Response:	 EPSV
    Response:	 SPSV
    Response:	 ESTA
    Response:	 AUTH TLS
    Response:	 PBSZ
    Response:	 PROT
    Response:	211 End.
    Command:	SYST
    Response:	215 UNIX Type: L8
    Command:	PBSZ 0
    Response:	200 PBSZ=0
    Command:	PROT P
    Response:	534 Fallback to [C]
    Status:	Connected
    Status:	Retrieving directory listing...
    Command:	PWD
    Response:	257 "/" is your current location
    Command:	TYPE A
    Response:	200 TYPE is now ASCII
    Command:	PORT 213,114,84,62,7,99
    Response:	200 PORT command successful
    Command:	LIST
    Error:	Timeout detected!
    Error:	Could not retrieve directory listing
    
    
    I use filezilla ftp client
     
  6. myusername

    myusername Well-Known Member
    PartnerNOC

    Joined:
    Mar 6, 2003
    Messages:
    691
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    chown -R us.*yourbase*
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Had the same problem, you need to enable the passive ports in ftpd.conf and all will fly well.
     
  7. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Enabled passive in the pure-ftpd.conf file (uncommented the port range for passive)

    Tried connecting again and got stuck at LIST again but with this message:

    Error: Transfer channel can't be opened. Reason: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
    Error: Could not retrieve directory listing
     
  8. myusername

    myusername Well-Known Member
    PartnerNOC

    Joined:
    Mar 6, 2003
    Messages:
    691
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    chown -R us.*yourbase*
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    You running Chirpy's Firewall?
     
  9. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Yes I am - any ports that need to be opened for it to work?
     
  10. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Actually, from that FTP session log it looks like you need to enable passive mode in your FTP client since it isn't using it.
     
  11. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Yeah I didnt post the full log the second time, I just posted the error message.
    But is there a need to open specific ports in csf for it to work?
     
  12. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    No, there shouldn't be if non-TLS FTP works.
     
  13. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Well I be damned ;)
    Worked from work this time, was trying with passive from home last night and it didn't wanna work - although I tried connecting to another server that time.
     
  14. myusername

    myusername Well-Known Member
    PartnerNOC

    Joined:
    Mar 6, 2003
    Messages:
    691
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    chown -R us.*yourbase*
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    You guys still have a working FTPS after cPanel 11?

    I am getting these now:

     
  15. kran

    kran Well-Known Member

    Joined:
    Jul 5, 2003
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Colombia
    cPanel Access Level:
    Root Administrator
    I´m Also Having problems

    New server, Chirpy´s firewall with the ftp hole, reinstalled pure-ftpd, opened ports, opened passive ports in ftpd conf.

    The program connects to the account, but does not list any files.

    -> 220---------- Welcome to Pure-FTPd [TLS] ----------

    -> 220-You are user number 1 of 50 allowed.

    -> 220-Local time is now 14:32. Server port: 21.

    -> 220-This is a private system - No anonymous login

    -> 220-IPv6 connections are also welcome on this server.

    -> 220 You will be disconnected after 15 minutes of inactivity.

    <- USER franber

    -> 331 User franber OK. Password required

    <- PASS ********

    -> 230-User franber has group access to: franber

    -> 230 OK. Current restricted directory is /

    <- PWD

    -> 257 "/" is your current location

    <- TYPE I

    -> 200 TYPE is now 8-bit binary

    <- PWD

    -> 257 "/" is your current location

    <- PASV

    -> 227 Entering Passive Mode (72,232,xx,xxx,250,192)

    Any help?
     
  16. spearhead

    spearhead Member

    Joined:
    Mar 20, 2004
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    I'm having similar issues. regular FTP fails on LIST. But, it only fails often - not ALL the time, just most of the time. SFTP works ALL the time. This is using many different clients from various ISPs. This is a new development from about 1-2 weeks ago.

    I'm using pure-ftp and the most current CURRENT dist. I tried Pro-ftp with the same results. Passive/Not-passive seems to make no difference. It appears to be a directory list error with FTP. Not a port issue or firewall as I do run APF but turned it off and cleared iptables with the same results.

    Does FTP run under different credentials than SFTP? Could this be a permissions issue server wide?
     
  17. grindlay

    grindlay Active Member

    Joined:
    Dec 8, 2004
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Edinburgh, Scotland
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page