The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Pure-Ftpd Not Working on cPanel 56

Discussion in 'General Discussion' started by luisamaral, May 3, 2016.

  1. luisamaral

    luisamaral Registered

    Joined:
    May 3, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brasil
    cPanel Access Level:
    Root Administrator
    Hi,

    After upgrading to cPanel 56.0 (build 9), I can't connect to the FTP, using TLS, with my Netbeans FTP Client.
    Before this upgrade, on FTP Server Configuration, was using "Broken Clients Compatibility" = "Yes" .

    I have tried change "Broken Clients Compatibility" to "No", but didn't work.

    Here are the logs:

    At FTP client:
    - Could not generate DH Keypair
    - Prime size must be multiple of 64, and can only range from 512 to 2048 (inclusive)

    At server, /var/log/messages:
    pure-ftpd: [WARNING] Sorry, cleartext sessions and weak ciphers are not accepted on this server.#012Please reconnect using SSL/TLS security mechanisms.

    Any idea how to solve this?

    Thanks
     
    #1 luisamaral, May 3, 2016
  2. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    394
    Likes Received:
    17
    Trophy Points:
    168
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Hi luisamaral,

    I know this is a long-shot and might not have anything to do with your issue, but take a look at this other thread - All users get blocked when FTP

    You may need to make sure that your PassivePortRange is set correctly in /var/cpanel/conf/pureftpd/main and if you're running CSF you may need to make sure that the TCP_IN setting in your CSF Firewall Configuration has the port range entered correctly as well.
     
    #2 Metro2, May 3, 2016
  3. Karl

    Karl Well-Known Member
    PartnerNOC

    Joined:
    Aug 10, 2001
    Messages:
    84
    Likes Received:
    1
    Trophy Points:
    308
    The issue is that on April 20th, cPanel generated new DH params for pure-ftpd in:

    /etc/ssl/private/pure-ftpd-dhparams.pem

    They generated 3072 bit params and Jave (as everywhere notes) only supports 2048 bit params.

    You can verify this:

    openssl dh -in /etc/ssl/private/pure-ftpd-dhparams.pem -text -noout

    First line will tell you the size of the params.

    The solution:

    cp /etc/ssl/private/pure-ftpd-dhparams.pem /etc/ssl/private/pure-ftpd-dhparams.pem.bak
    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
    service pure-ftpd restart
     
    #3 Karl, May 9, 2016
    Infopro likes this.
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,657
    Likes Received:
    1,138
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The change stems from the following entry in the cPanel 56 change log:

    Fixed case CPANEL-4968: Update pure-ftpd to 1.0.42-4.cp1156.

    The case addressed an issue that resulted in Pure-ftpd failing to start when the DH parameters file was missing.

    Thank you.
     
    #4 cPanelMichael, May 9, 2016
  5. luisamaral

    luisamaral Registered

    Joined:
    May 3, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brasil
    cPanel Access Level:
    Root Administrator
    Thanks Karl.

    As @cPanelMichael said, the file did not exist.
    So , I generated that using the command:

    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048

    And now it works.

    Solved.

     
    #5 luisamaral, Jul 3, 2016
    Last edited by a moderator: Jul 3, 2016
(You must log in or sign up to post here.)
Loading...
Similar Threads - Pure Ftpd Working
  1. vipin

    Pure-Ftpd Not Working on cPanel 11.52

    vipin, Oct 15, 2015, in forum: General Discussion
    Replies:
    14
    Views:
    1,404
    Metro2
    Dec 18, 2015
  2. Endre Ottem

    Pure-ftpd, custom settings overwritten?

    Endre Ottem, Apr 19, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    143
    Serra
    Apr 20, 2017
  3. Marc Tremblay

    PureFTPd upload starts over after IP change?

    Marc Tremblay, Mar 30, 2017, in forum: General Discussion
    Replies:
    4
    Views:
    151
    Marc Tremblay
    May 8, 2017
  4. speedmoocow

    Disable SSLv3 PureFTPd

    speedmoocow, Feb 17, 2017, in forum: Security
    Replies:
    1
    Views:
    216
    cPanelMichael
    Feb 17, 2017
  5. grayloon

    SOLVED Pure-FTPd Cipher Settings

    grayloon, Nov 28, 2016, in forum: Security
    Replies:
    9
    Views:
    969
    cPanelMichael
    Apr 7, 2017

Share This Page