Hi I’m having some troubles with my ftp and I can’t find info about this.
First whenever I try to login with a ftp account filezilla the connection has disconnected after 20 seconds and it is impossible to connect to the server.
Second I did an upgrade to my virtualmin (I did a fresh install, update my debian and all), before ftp worked fine and sftp didn’t work, what should I do to enable sftp as well?
Finally I don’t have the option of choosing scp on this new server for ftp accounts, could you help me out as well?
Thank you so much!
sftp is ssh which works on any linux, same for scp. scp is via ssh which is enabled on every distro by default. ftp is not ssh its two different things. ftp is not sftp as well and ftps is ftp which is secured via ssl cert again which have nothing to do with ssh.
on your file zilla you should select ssh or sftp in your connection tab. username should be your domain admin user(not an ftp user) and password should be domain admin password. I would like to advice you using ssh a.k.a sftp only as it is secure and ftp is not as ftp does transfer everything in clear text.
A newly installed Virtualmin system (installed with any 6.0.x version of the install.sh) will have the following options available for FTP:
- FTP this is the old standard unencrypted thing. It runs on port 20 or 21, depending on whether it is active or passive mode.
- FTPS this is old FTP over a TLS encrypted link.
- SFTP this is FTP over ssh protocol. It is encrypted. In a Virtualmin system it runs on port 2222, by default, because the standard ssh port 22 is already in use for ssh.
Scponly is deprecated and has been removed. SFTP is currently the recommended way to provide restricted access via the ssh protocol. This has some benefits, in that it provides an easy and safe way to chroot users (we also support jailkit in VM6, for chrooting ssh users, but ssh jails are error prone…I don’t really like them).
You’ll also presumably have standard ssh. Whether your users have it or not is up to configuration.
So you don’t need to do anything to enable SFTP or FTPS. They should already be available. But it sounds like you have other problems and talking about other protocols is a distraction. If you can’t login via FTP, why would any other FTP protocol allow you to login ?
We need to figure out why logins are failing. So check the proftpd log and secure.log if you have one. I don’t recall what other logs are involved…but we need to know what the server thinks is happening, because the client isn’t telling us anything.
Also double check your firewalls. Virtualmin sets up a reasonable one with all of its needed ports open, but it is possible you have other firewalls outside of your server (most vps providers have a firewall too). Or if you installed your own firewall instead of the Virtualmin one it could be the problem
I tried with sftp and it logins but gives me the following error:
Received unexpected end-of-file from SFTP server
The following is the login I have from proftpd:
In the dir /var/logs/proftpd there is nothing more.
That looks like connecting to the wrong port. Did you choose port 2222 for connecting via SFTP?
No, I choose port 22, port 21 is for ftp and 22 for sftp
As I mentioned above, SFTP runs on port 2222. 22 is taken by ssh on most systems, so we configure SFTP on port 2222.
Well the connection is “ECONNREFUSED” if i just write the port the port.
If I write the protocol and the port
Resposta: fzSftp started, protocol_version=8
Comando: open “firstname.lastname@example.org” 2222
Erro: Network error: Connection refused
Here is the error.
Is ProFTPd even running?
I’m not sure what else would cause no connection at all. When I nmap your host, it looks like the firewall is behaving correctly.
I think so, is there a way to verify? Where is the process so I can restart?
This is a fresh install, it shouldn’t have any problems.
Is there a way to check for problems and fix them?
Virtualmin shows the running services in the Servers Status section of the dashboard.
You can do anything with any service using the
systemctl command. We use all native packages, so there’s no secret handshake or complicated paths to figure out.
To check status:
# systemctl status proftpd
# systemctl restart proftpd
Here’s the pastebin, I still have the same trouble.
Oh, I see what’s up. There’s a regression in virtualmin-config that led to ProFTPd configuration not happening (regular FTP should still work, but all the secure ones wouldn’t). I’ve just rolled a new version that should be showing up now or soon.
Once you have version 6.0.16 of the virtualmin-config package, run the following command:
# virtualmin config-system --include ProFTPd
After this, SFTP and FTPS should work (FTPS will give cert errors unless/until you add a certificate backed by an authority…Let’s Encrypt works).
Sorry for the confusion, and thanks for reporting the probem. (And, let me know if problems still persist, but this fixed it on my test system.)
Hi, I’ve done like you said, I’ve updated my config file and I also installed a let’s encrypt certificate, but it seems it doesn’t work with me: https://pastebin.com/xaLn0BTa . I got the exact the same errors as before.
well sftp is ssh and it runs on port 22… i am running it on port 22 since I use linux. I mean default settings nothing changed, even on virtualmin…it should work just normally.
Yeah, I had the same configuration before I formatted my server, I never heard of a sftp that doesn’t run on 22.
But in my case, I tried, 21, 22 and 2222 and neither works.
@Joe maybe it is for the best if I pay for a support ticket, no? Because this seems to be a rather big problem, I can only upload to my server via scp with root which is bad.
Hi, if you want to have password-less ssh (sftp or scp) and password enabled ssh for all other users I can help you with that. Or you can completely disable passwords for ssh and use just public keys. its rather 5 minute operation. If you want I write you some sort of manual how to do it and post link to it here. I would like to ask, what distro you are using? Also, just checking, did you installed fail2ban or something similar? - you may want to check if you’re not banned from connection (the ip), but if you did not installed I believe you should be able connect to ssh on port 22 without single issue.
Yeah I want your help, can you help me enable sftp with pass and left ftp without it?
I may have problems with fail2ban:
"root@ns3009614:~# fail2ban-client status
|- Number of jail: 7
`- Jail list: dovecot, postfix, postfix-sasl, proftpd, ssh-ddos, sshd, webmin-auth
By the way ssh works just fine since I access command line on port 22.
Thank you in advance.
Hi, normally for security reasons I always do root without password means ssh keys… all other users can use ssh password. If you want I can enable root with password for you (I will write it in documentation for you how to do it) but I would still advice you to keep root accessible only via ssh keys (this is most secure way and its enabled by default on debian).
note: you would not need to touch your proftpd - if you would use sftp a.k.a ssh, you could turn proftpd OFF.
I think - I did asked you what distro you are using… Can you provide some info like: ubuntu or centos or debian? - thanks.