FTPS user with limited access

Simple question: how do I set up FTP users with access only to a specific web site, with TLS encryption?

I am trying to use the ftp-password or ftp-users file in /srv/example.com/config but cannot get this working.

I am using the main hostname for the server not example.com. The version of pure-ftpd is v1.0.49

I get this in Filezilla:

Status: Connection established, waiting for welcome message…
Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 16:44. Server port: 21.
Response: 220-This is a private system - No anonymous login
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: AUTH TLS
Response: 234 AUTH TLS OK.
Status: Initializing TLS…
Error: GnuTLS error -110: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Status: Connection attempt failed with ECONNABORTED - Connection aborted.

Thanks for any help!

Tim

Any normal ‘FTP-S’/‘FTP with SSL’ connection should work fine (depending on what the client calls it), and non-encrypted connections are disabled in Sympl.

For passwords in ftp-password, you’ll need to make sure you’re using the ‘domain’, as the username, so example.com, and for users in ftp-users, you need to use the username user@example.com with the username swapped out.

Regarding what hostname you use, there’s no SNI with the FTP server, so you’ll want to use the default hostname of the server, or be okay with accepting the cert with a different name (which most clients arent that bothered about).

1 Like

Thanks so much - and apologies, this turned out to be an issue with our firewall and I am kicking myself because I have had this problem before!

It is working fine now.

Tim

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.