Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Pure-Ftpd Not Working on cPanel 56

Discussion in 'General Discussion' started by luisamaral, May 3, 2016.

  1. luisamaral

    luisamaral Registered

    Joined:
    May 3, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brasil
    cPanel Access Level:
    Root Administrator
    Hi,

    After upgrading to cPanel 56.0 (build 9), I can't connect to the FTP, using TLS, with my Netbeans FTP Client.
    Before this upgrade, on FTP Server Configuration, was using "Broken Clients Compatibility" = "Yes" .

    I have tried change "Broken Clients Compatibility" to "No", but didn't work.

    Here are the logs:

    At FTP client:
    - Could not generate DH Keypair
    - Prime size must be multiple of 64, and can only range from 512 to 2048 (inclusive)

    At server, /var/log/messages:
    pure-ftpd: [WARNING] Sorry, cleartext sessions and weak ciphers are not accepted on this server.#012Please reconnect using SSL/TLS security mechanisms.

    Any idea how to solve this?

    Thanks
     
    #1 luisamaral, May 3, 2016
  2. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    408
    Likes Received:
    20
    Trophy Points:
    168
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Hi luisamaral,

    I know this is a long-shot and might not have anything to do with your issue, but take a look at this other thread - All users get blocked when FTP

    You may need to make sure that your PassivePortRange is set correctly in /var/cpanel/conf/pureftpd/main and if you're running CSF you may need to make sure that the TCP_IN setting in your CSF Firewall Configuration has the port range entered correctly as well.
     
    #2 Metro2, May 3, 2016
  3. Karl

    Karl Well-Known Member
    PartnerNOC

    Joined:
    Aug 10, 2001
    Messages:
    84
    Likes Received:
    1
    Trophy Points:
    308
    The issue is that on April 20th, cPanel generated new DH params for pure-ftpd in:

    /etc/ssl/private/pure-ftpd-dhparams.pem

    They generated 3072 bit params and Jave (as everywhere notes) only supports 2048 bit params.

    You can verify this:

    openssl dh -in /etc/ssl/private/pure-ftpd-dhparams.pem -text -noout

    First line will tell you the size of the params.

    The solution:

    cp /etc/ssl/private/pure-ftpd-dhparams.pem /etc/ssl/private/pure-ftpd-dhparams.pem.bak
    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
    service pure-ftpd restart
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 Karl, May 9, 2016
    Infopro likes this.
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The change stems from the following entry in the cPanel 56 change log:

    Fixed case CPANEL-4968: Update pure-ftpd to 1.0.42-4.cp1156.

    The case addressed an issue that resulted in Pure-ftpd failing to start when the DH parameters file was missing.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelMichael, May 9, 2016
  5. luisamaral

    luisamaral Registered

    Joined:
    May 3, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brasil
    cPanel Access Level:
    Root Administrator
    Thanks Karl.

    As @cPanelMichael said, the file did not exist.
    So , I generated that using the command:

    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048

    And now it works.

    Solved.

     
    #5 luisamaral, Jul 3, 2016
    Last edited by a moderator: Jul 3, 2016
(You must log in or sign up to post here.)
Loading...
Similar Threads - Pure Ftpd Working
  1. Benjamin D.

    SOLVED Pure-FTPD + FileZilla partial uploads get deleted when client's IP changes

    Benjamin D., Sep 25, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    96
    cPanelLauren
    Sep 28, 2018
  2. batesy87

    Pending Publication [CPANEL-22169] Pure-FTPd: Preserve disabled ForcePassiveIP when NAT is active

    batesy87, Sep 12, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    161
    cPanelMichael
    Sep 12, 2018
  3. Spirogg

    SOLVED Pure-FTPd Couldn't load the DH parameters file

    Spirogg, Feb 21, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    1,713
    Spirogg
    Feb 21, 2018
  4. diracuser

    PureFTPD Required FTP explicit over TLS

    diracuser, Jan 18, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    976
    cPanelMichael
    Jan 19, 2018
  5. diWhile1

    Pure-FTPd servers ForcePassiveIP issue

    diWhile1, Oct 24, 2017, in forum: General Discussion
    Replies:
    8
    Views:
    770
    cPanelMichael
    Nov 8, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice