Softaculous

Topic : FTP underTLS issues


Posted By: peopleinside on January 25, 2017, 1:43 pm
Server under TLS FTP loose connection and error showed by WinSCP is:

Code
Using TLSv1.2, cipher TLSv1/SSLv3: ECDHE-RSA-AES128-GCM-SHA256, 2048 bit RSA, ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH    Au=RSA  Enc=AESGCM(128) Mac=AEAD

Disconnessione dal server
Copia file lato remoto fallita.


Seems pure ftp is trying to use SSLv3?

FTP under TLS give so many disconnections to me.


-----------------------
PeopleInside  :angel:

Web, security, open source passionate.

Posted By: webuzo_manager on January 28, 2017, 8:14 am | Post: 1
Hi peopleinside,

It seems that pure-ftpd is using TLS 1.2v from your machine , but also accepts connections via SSLv3.

I suggest that you change your pure-ftpd conf located at
/usr/local/apps/pureftpd/etc/

Change the following line in the config file :

TLSCipherSuite          HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3

to

TLSCipherSuite          HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3

The above setting will force Pure - FTPD to only use TLS cipher suite for connection and not accept connection from SSLv3 cipher suite.

Hope this helps

Edited by webuzo_manager : January 28, 2017, 8:15 am

Posted By: peopleinside on January 28, 2017, 9:18 am | Post: 2
I have already disabled SSLv3 on pure-ftp.
Now I will try the new pure-ftp update made some day ago.


-----------------------
PeopleInside  :angel:

Web, security, open source passionate.

Powered By AEF 1.0.8 © 2007-2008 Electron Inc.