Secure ftp while connecting with Filezilla


(Jozef Francois) #1

NethServer Version: 7.4.1708
Module: vsftpd

I run Netserver on VPS. Every time I connect with the server through Filezilla, I get a message that the server is insecure and doesn’t support FTP over TLS.
I have installed Let’s Encrypt certificate. SSL/TLS works for e-mail.
Wikipedia shows : “vsftpd supports explicit (since 2.0.0) and implicit (since 2.1.0) FTPS.”

Am I missing something? Does vsftpd need to be configured so that secure transmission is enabled?

(Jeroen Visser) #2

The config from Nethserver doesnt support ftpes out of the box. It can be added with a little bit of extra config:

  1. mkdir -p /etc/e-smith/templates-custom/etc/vsftpd/vsftpd.conf

  2. touch /etc/e-smith/templates-custom/etc/vsftpd/vsftpd.conf/90ssl

  3. edit the just created /etc/e-smith/templates-custom/etc/vsftpd/vsftpd.conf/90ssl and add:


  4. signal-event nethserver-vsftpd-update

Edit: given how simple this is, it should be a checkbox, really

(Markus Neuberger) #3

templates shouldn’t be copied as system updates may provide updated templates, which will never have effect because of getting overwritten by copied custom templates.

Better way would be something like /etc/e-smith/templates-custom/etc/vsftpd/vsftpd.conf/90ftps.

Funny, I also saw the Filezilla message today, thought about a custom template and you just did it. Thanks!

(Jeroen Visser) #4

thanks for pointing that out! Will change immediately :slight_smile:

(Michael Träumner) #5

What is about using SCP? This works out of the box.

(Markus Neuberger) #6

For FileZilla to work, you need to enable SFTP on the server because FileZilla lacks SCP support AFAIK.

(Michael Träumner) #7

At a windows mashine I do it with Win-SCP. That works fine.

(Eric) #8

When forcing FTP over SSL/TLS, seems I can only connect via an active FTP connection. Guessing I need to configure the firewall for passive FTP now…

Is that correct?

(Eric) #9

OK I think I found it.

I added “ftp:FTP(HELPER) loc -” to /etc/shorewall/rules