TLS/SSL support with ProFTPd

ebradsha

Member
Sep 12, 2003
14
0
151
I've been trying to get TLS/SSL enabled on ProFTPd, but with every attempt I make I'm tharwarted with the usual FTP client error message:

220 ProFTPD 1.2.8 Server (ProFTPD) [censored.net]
AUTH TLS
500 AUTH not understood

I've scoured this forums and other places, but I haven't been able to find a standard procedure to enable TLS support on ProFTPd. Does anyone have a solution for this problem of mine?

Thanks in advance for any replys.
 

ebradsha

Member
Sep 12, 2003
14
0
151
I do have the following entries in my proftpd.conf

<IfModule mod_tls.c>
TLSEngine on
TLSProtocol TLSv1
TLSRequired off
TLSRSACertificateFile /etc/ftpd-rsa.pem
TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
TLSVerifyClient off
</IfModule>
 

markie

BANNED
Oct 5, 2003
143
0
166
Originally posted by ebradsha
I do have the following entries in my proftpd.conf

<IfModule mod_tls.c>
TLSEngine on
TLSProtocol TLSv1
TLSRequired off
TLSRSACertificateFile /etc/ftpd-rsa.pem
TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
TLSVerifyClient off
</IfModule>
Is the account Jailed? Check to make sure the account does not have JAILSHELL set in manage jailed accounts in WHM. TLS does not work if the account is jailed.
 

ebradsha

Member
Sep 12, 2003
14
0
151
Nope, I have root access to this server, and the person who's trying to connect via ssl FTP has a regular shell.
 

markie

BANNED
Oct 5, 2003
143
0
166
Originally posted by ebradsha
Nope, I have root access to this server, and the person who's trying to connect via ssl FTP has a regular shell.
Make sure that users account is not jailed. Sometimes even if it says its not jailed it is. A bug!
 

ebradsha

Member
Sep 12, 2003
14
0
151
I checked by logging into their shell, it's definently not jailed. The server they were on before only have them a jailed shell and they were still able to use TLS/SSL upon logging into their FTP.
 

markie

BANNED
Oct 5, 2003
143
0
166
On Cpanel i have never been able to us it if my account was jailed. Search the forums. TLS/SSL has not been implamented via Jailshell and you will find many requests for it. I personally unjailed my own account on my server and i had no issue with logging in but it did give me access to roam my entire server directories and this did not look like a great option to give others.
 

ebradsha

Member
Sep 12, 2003
14
0
151
Ok... this problem doesn't have anything to do with a jailed shell because no one has a jailed shell on this server. Correct me if I'm mistaken.
 

tcwebguy

Active Member
Sep 28, 2001
31
0
306
Bump

Any resolution to this issue?

I get the error, but the connection seems to be accepted. Does that mean that the connection is not secure?