Proftpd with TLS fails at LIST
I am trying to setup Proftp with SSL/TLS on Opensuse 11
Proftpd vs 1.3.2rc1
My problem is when I try to connect via Filezilla it gets to LIST then I get connection timed out, Failed to retrieve directory list. It never actually lists the directories. I have no doubt this is my lack of knowledge, but I have tried to search for the exact issue to my situation and cannot find an answer.
My syslog.log shows this as the last entry:
Preparing to chroot to directory '/ftp/directory'
Here is my proftpd.conf
Jul 19 21:16:26 mod_tls/2.2: TLS/TLS-C requested, starting TLS handshake
Jul 19 21:16:26 mod_tls/2.2: TLSv1/SSLv3 connection accepted, using cipher DHE-RSA-AES128-SHA (128 bits)
Jul 19 20:16:27 mod_tls/2.2: Protection set to Private
# To really apply changes reload proftpd after modifications.
# Choose here the user alias you want !!!!
UserAlias bob user1
UserAlias jim user2
ServerName "My FPT Site"
# It's better for debug to create log files ;-)
# I don't choose to use /etc/ftpusers file (set inside the users you want to ban, not useful for me)
# Allow to restart a download
# Port 21 is the standard FTP port, so you may prefer to use another port for security reasons (choose here the port you want)
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
# Set the user and group that the server normally runs at.
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Display a message after a successful login
AccessGrantMsg "Good day!!!"
# This message is displayed for each access good or not
ServerIdent on "Welcome to your Home"
# Are clients required to use FTP over TLS when talking to this server?
# Server's certificate
# CA the server trusts
# Authenticate clients that want to use FTP over TLS?
# Set /srv/ftp/ftpdir as home directory
# Lock all the users in home directory, ***** really important *****
# Set Passive Ports range - to allow login from internet behind firewall
PassivePorts 49152 64432
AllowUser user1 user2
#Umask 022 022
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
proftpd -l output:
I have tried TLSOptions NoCertRequest with same results.
The directory that is set to default has chmod 775 with root as owner and users for group.
I have tried with SSL/TLS set to not required with same results. The server does have a firewall running on it, but the ports listed are allowed. I also tried with the firewall disabled. At this point I do not know where to look for the issue so any assistance is much appreciated.