1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

ftp over ssl/tls

Discussion in 'Plesk for Linux - 8.x and Older' started by Dawn, Jun 22, 2006.

  1. Dawn

    Dawn Guest


    I found here sever links to instructions how can it be done but they don't work for me. Can anybody give me step by step instructions how it can be done under debian sarge together with plesk 8.0.1 with the rights which I have to set and where should I store the keys.

    Please don't tell me the same links which are posted here (http://forum.swsoft.com/showthread.php?s=&threadid=26191&highlight=ftp+tls) about this. And I don't want to do it via SSH because I wan't give shell access to my custom ftp users.

    If anybody can help me that would be very nice.

    Greets and thanks,
  2. Dawn

    Dawn Guest

    Is there really nobody who uses secured ftp on his server? Is it possible that I don't have SSL 2.3? If yes, how can I get my ssl version?

    I can't find any fault, so it would be nice if anybody can tell me what else I can try.

    Here my /etc/proftpd.conf:
    # To have more informations about Proftpd configuration
    # look at : [url]http://www.proftpd.org/[/url]
    # This is a basic ProFTPD configuration file (rename it to
    # 'proftpd.conf' for actual use.  It establishes a single server
    # and a single anonymous login.  It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.
    ServerName                      "ProFTPD"
    ServerType      inetd
    ServerType      inetd
    DefaultServer                   on
    DefaultRoot     ~               psacln
    AllowOverwrite          on
    DefaultTransferMode     binary
    UseFtpUsers                     on
    # Port 21 is the standard FTP port.
    Port                            21
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask                           022
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances                    30
    #Following part of this config file were generate by PSA automatically
    #Any changes in this part will be overwritten by next manipulation
    #with Anonymous FTP feature in PSA control panel.
    #Include directive should point to place where FTP Virtual Hosts configurations
    ScoreboardFile /var/run/proftpd/scoreboard
    # Primary log file mest be outside of system logrotate province
    TransferLog /opt/psa/var/log/xferlog
    #Change default group for new files and directories in vhosts dir to psacln
    <Directory /var/www/vhosts>
            GroupOwner      psacln
    # Enable PAM authentication
    AuthPAM on
    AuthPAMConfig proftpd
    # TLS
    TLSEngine on
    TLSLog /var/log/tls.log
    TLSProtocol SSLv23
    TLSOptions NoCertRequest
    TLSRSACertificateFile /etc/ssl/certs/proftpd.cert.pem
    TLSRSACertificateKeyFile /etc/ssl/certs/proftpd.key.pem
    TLSVerifyClient off
    ExtendedLog             /var/log/ftp_auth.log AUTH auth
    ExtendedLog /var/log/ftp_paranoid.log ALL default
    # delay on login off
    IdentLookups off
    UseReverseDNS off
    AuthGroupFile   /etc/group
    Include /etc/proftpd.include