issues with proftpd with ssl (63 Views)
Reply
Advisor
Yog
Posts: 14
Registered: ‎02-22-2007
Message 1 of 6 (63 Views)

issues with proftpd with ssl

I have installed proftpd 1.3.0 on HP-UX 11.11 with OpenSSL 0.9.8d .I created cert,key,CA and have configured proftpd.conf
When I try connecting from ftp client like reflection or coreftp,i get correct certificate but then my login credentials do not work and I get messages as below on coreftp console

0 ProFTPD 1.3.0a Server (ProFTPD Installation) [IP Address]
AUTH SSL
234 AUTH SSL successful
TLSv1, cipher TLSv1/SSLv3 (DHE-RSA-AES256-SHA) - 256 bit
USER test
331 Password required for test.
PASS **********
530 Login incorrect.


This's happening even when I ensured password for test is correct.
In my proftpd.conf,i am using TLSProtocol SSLv23
Honored Contributor
Peter Godron
Posts: 4,470
Registered: ‎02-13-2002
Message 2 of 6 (63 Views)

Re: issues with proftpd with ssl

Hi Yog,
any additional info in the log file ?
Have you tried resetting the password for test ? Account may be disabled by repeated login attempts.
Honored Contributor
Matti_Kurkela
Posts: 6,271
Registered: ‎12-02-2001
Message 3 of 6 (63 Views)

Re: issues with proftpd with ssl

Read the proftpd logs, they may have more clues.

When a client is refused, the *reason* of the refusal is not normally reported to the client, because the client might be a hostile intruder at that point. The "530 Login incorrect" is a general "no, you won't get in" message - it does not reveal whether the username exists or not.

The proftpd log files may have more detailed information about the login attempt, including the reason why access was denied.
MK
Exalted Contributor
Steven E. Protter
Posts: 33,806
Registered: ‎08-15-2002
Message 4 of 6 (63 Views)

Re: issues with proftpd with ssl

Shalom,

Simple tests:
1) backout the ssl configuration and see if the problem persists. You may need to merely follow the proftpd isntallation guide more carefully. This issue may not be related to ssl. I've seen nothing to indicate that it is.
2) If it works without ssl, recheck the procedure you used to generate that huge 256 bit cypher and file permissions.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Advisor
Yog
Posts: 14
Registered: ‎02-22-2007
Message 5 of 6 (63 Views)

Re: issues with proftpd with ssl

Thank you all for your responses.Somehow I get answers to my problems myself immediately after posting my problems in this forum.It seems this forum is lucky.
The problem was neither with SSL nor with proftpd settings.Actually what happened was I had CHROOT setting done in proftpd directory so as to jail users in a specific directory only.However the user was not having X permissions on directory!!!I am surprised however to see that failure of CHROOT should cause logoff!
Any ways I have another problem-I am able to successfully connect to the server using coreFTP but no luck using Reflection.May be I'll post another thread.
Thanks all again for your generous help.
Advisor
Yog
Posts: 14
Registered: ‎02-22-2007
Message 6 of 6 (63 Views)

Re: issues with proftpd with ssl

Please see my response above
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.