Problems switching server from FTP to FTPS (vsftpd) – access denied

I have an existing internet-facing FTP server which I want to convert to FTPS. It’s a vsftpd server running on Ubuntu. I have allowed port 990 through the firewall (in addition to port 21 which was already allowed), forwarded both ports to the FTP server on the router, and added these lines to my vsftpd.conf file:

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO

I used OpenSSL to generate the vsftpd.pem certificate.

Now when I try to connect I get this error:

TLS Connection established. Waiting for welcome message...Access denied

I’m using WinSCP to connect, as before, with the same settings and credentials as were previously working for FTP, but with “TLS/SSL Explicit encryption” selected. So:

  • File protocol: FTP
  • Encryption: TLS/SSL Explicit encryption
  • Port number: 21

If I disable SSL and restart the server I can continue to connect using FTP.
Any idea why I’m not able to connect using FTPS?