Issues connecting with FTP

June 9, 2017 475 views
Apache

I'm getting this issue when I'm trying to connect to the server..

Status: Connecting to example.com:2222...
Response: fzSftp started, protocolversion=8
Command: keyfile "~.ssh\idrsa"
Command: open "tanner@example.com" 2222
Error: Connection attempt interrupted by user

I used this: https://www.digitalocean.com/community/tutorials/how-to-configure-proftpd-to-use-sftp-instead-of-ftp

I made sure to open port 2222 just in case it was the firewall.. anyone else getting this problem? I went through the steps a couple of times again to make sure I didn't follow them wrong..

I went back and enabled sftp on 22 but I was still getting the same issue on that port.

3 Answers

@tannerchung

Generally that error means you're trying to use the wrong protocol to connect. That guide is setting up SFTP access. If you try to connect using FTP, it will fail.

FileZilla and other clients allow you to choose which protocol you're wanting to connect with, so you'd need to make sure it's set to SFTP, not FTP.

@jtittle I was using sftp protocol for sure in both cases, 22 and 2222

  • @tannerchung

    The first thing I'd recommend doing would be checking the sftp.log to see what the error is.

    You can do this by running:

    tail -20 /var/log/proftpd/sftp.log
    

    If you see an error such as:

    authentication for user 'yourusername' failed: Invalid shell
    

    You need to open the ProFTPd configuration file:

    nano /etc/proftpd/proftpd.conf
    

    Find RequireValidShell and uncomment it so that it looks like:

    RequireValidShell               off
    

    Then restart ProFTPd:

    service proftpd restart
    

    That was the only issue that I found when running through the guide.

    ...

    Other issues could be related to permissions or ownership, though the above was the only issue I found that required a change to login.

@jtittle I forgot to update the thread last night. I was able to SFTP via the IP but not the domain on 22 but not 2222 -- which is the port that proftpd should be on right? I just tried right now and wasn't able to SFTP to the domain.

Slightly off topic but because apache needs permissions for the files I did a chown and unless I chown back to my username it won't let me edit or upload files.. is there a better way to deal with that?

  • @jtittle sorry I didn't address your reply. I followed your instructions:

    Find RequireValidShell and uncomment it so that it looks like:

    RequireValidShell off
    Then restart ProFTPd:

    service proftpd restart

    still can only access ftp via the ip

    • @tannerchung

      The domain or IP that you'll use is set by the ServerName directive in the configuration. If you have that set to the IP, then you'll only be able to login via IP. You can change that to a domain or hostname such as:

      domain.com
      

      or

      web01.domain.com
      

      As long as it's valid, that should work once you restart the service.

      ...

      That said, you shouldn't be able to login to SFTP using Port 22 if you followed that guide all the way through as one of the steps is commenting out the SFTP portion of OpenSSH.

      Once you've done that, and as long as the port for SFTP / ProFTPd is set 2222, that should allow you to login.

      Using the IP to log in, just as a general note, isn't bad. But if you want to keep everything under your domain, you will need to change that directive to match and make sure that the A entry is pointing to the same IP so the connection attempt is valid.

Have another answer? Share your knowledge.