Page 1 of 1

Confused about setting up FTPs

Posted: 2020-07-06, 01:23 UTC
by dln949
I am quite new to this stuff, so I am sure I’m doing things wrong.

On my Ubuntu desktop computer I have an FTP server running, proftpd. As part of the configuration I thought it would be wise/safer to enable the TLS thing, so in the config file for proftpd I have these settings:

<IfModule mod_tls.c>
TLSEngine on
TLSRequired auth+data
TLSVerifyClient off
TLSLog /var/log/proftpd_tls.log
TLSRSACertificateFile /etc/gadmin-proftpd/certs/cert.pem
TLSRSACertificateKeyFile /etc/gadmin-proftpd/certs/key.pem
TLSCACertificateFile /etc/gadmin-proftpd/certs/cacert.pem
TLSRenegotiate required off

That same config file also has these settings:

Port 65535
ServerName ""
ServerIdent on "system"
PassivePorts 49152 65534

In Total Commander on my android device I have the FTP plugin installed. I have it set to connect to this address: And, I have the SSL box checked, and the use passive mode checked. (Don't know what that passive ports stuff means, though.)

When I try to connect from the FTP client plugin in Total Commander on my Android Device to my FTP server on the Ubuntu Desktop, I get this error message:


This isn’t telling me much.

What does this message mean?

What settings do I need to adjust to make this work?

Thanks in advance.

P.S.: When I turn off the TLS stuff in the proftpd config file, and uncheck the SSL box and the passive mode box in the FTP Total Commander plugin, using just plain FTP, I can connect just fine. In case that helps.

Re: Confused about setting up FTPs

Posted: 2020-07-07, 13:11 UTC
by ghisler(Author)
Try creating a log file to see how far TC gets:
1. Switch to the internal SD card by going to the home folder, and then tap on the first entry in the list
2. Create a new folder named .TotalCommander including the dot at the beginning (if it doesn't exist yet)
3. You may need to enable the display of hidden files in the TC configuration if you cannot see that folder.
4. Go inside this folder .TotalCommander
5. Create a new file named log.txt by holding down a finger on the first line (..)
6. Close Total Commander via "X" button and restart it

Re: Confused about setting up FTPs

Posted: 2020-07-08, 06:32 UTC
by dln949
Here is the log, it is quite short:

2020-07-08 01:27:28.578 HOST:FTP:initiate connection to plugin
2020-07-08 01:27:28.590 HOST:FTP:bindService succeeded
2020-07-08 01:27:28.598 HOST:FTP:Service connected!
2020-07-08 01:27:28.600 HOST:FTP:WaitUntilConnected:Background
2020-07-08 01:27:28.600 HOST:FTP:get dir: /
2020-07-08 01:27:29.689 HOST:FTP:checkConnectionAlive: 1
2020-07-08 01:27:29.796 HOST:FTP:get dir: /system1/
2020-07-08 01:27:29.798 FTP:Get directory.../system1/
2020-07-08 01:27:29.823 FTP:Resolving server address...
2020-07-08 01:27:29.823 FTP:Connecting...
2020-07-08 01:27:29.924 FTP:Connect, waiting for login...
2020-07-08 01:27:29.925 FTP:220 system1
2020-07-08 01:27:29.925 FTP:Logging in...
2020-07-08 01:27:29.925 FTP:AUTH TLS
2020-07-08 01:27:29.928 FTP:234 AUTH TLS successful
2020-07-08 01:27:29.948 FTP:OFFLINE!

Re: Confused about setting up FTPs

Posted: 2020-07-08, 10:56 UTC
by ghisler(Author)
The TLS/SSL authentication seems to fail. Could you check for clues in /var/log/proftpd_tls.log please?

Re: Confused about setting up FTPs

Posted: 2020-07-08, 16:33 UTC
by dln949
Here is the contents of /var/log/proftpd_tls.log, not sure what it means nor what it is telling me:

2020-07-08 01:27:30,860 mod_tls/2.6[21364]: error loading TLSRSACertificateFile '/etc/gadmin-proftpd/certs/cert.pem':
(1) error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak
2020-07-08 01:27:30,860 mod_tls/2.6[21364]: error initializing OpenSSL context for this session
2020-07-08 01:27:30,947 mod_tls/2.6[21364]: TLS/TLS-C requested, starting TLS handshake
2020-07-08 01:27:30,963 mod_tls/2.6[21364]: unable to accept TLS connection: protocol error:
(1) error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher
2020-07-08 01:27:30,963 mod_tls/2.6[21364]: SSL_shutdown error: SSL:
(1) error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
2020-07-08 01:27:30,963 mod_tls/2.6[21364]: TLS/TLS-C negotiation failed on control channel

Re: Confused about setting up FTPs

Posted: 2020-07-09, 09:09 UTC
by ghisler(Author)
Apparently the certificate at /etc/gadmin-proftpd/certs/cert.pem cannot be used because it is too weak. Try to create a new one with stronger encryption. I don't know if that's the reason for the failed login, but it's worth a try.