
Need help configuring vsftpd with SSL + virtual users on Debian Wheezy



I want to configure vsftpd to use virtual users, and have the connection made over SSL.

Here's my config at /etc/vsftpd.conf:
# Defaults from example config.

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=NO
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
nopriv_user=ftp
secure_chroot_dir=/var/run/vsftpd/empty

# My config options.

guest_enable=YES
virtual_use_local_privs=YES
pam_service_name=vsftpd
user_sub_token=$USER
local_root=/var/www/virtual/$USER
chroot_local_user=YES
hide_ids=YES

ssl_enable=YES
allow_anon_ssl=NO
force_local_logins_ssl=YES
force_local_data_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES

rsa_cert_file=/etc/ssl/certs/vsftpd-cert.pem
rsa_private_key_file=/etc/ssl/private/vsftpd-key.pem

Each time I try to log in with my FTP client (Transmit on Mac OS X), it says, "Server said: Login incorrect."

I checked local_root to make sure the owner was ftp.

I also did receive an SSL certificate warning when connecting with FTP + SSL, and so I connected, and so I assume this means SSL is working.

The permissions for the user's folder I'm trying to log in with are drwxr-xr-x.

Also, I would like to know if these configuration options will achieve what I'm trying to do, which is to have virtual users that can only connect and authenticate over a secured TLS/SSL connection.

Regards.

--
Blaine LaFreniere
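
One way to check the TLS-only goal stated in the post against a vsftpd.conf, as an added example that is not part of the original message. The function names and the REQUIRED list are choices made for this example; the option names and their defaults are the ones documented in vsftpd.conf(5).

```python
# Added example: audit vsftpd.conf text against a TLS-only login goal.
# Defaults are the ones documented in the vsftpd.conf(5) man page.
DEFAULTS = {
    "ssl_enable": "NO", "anonymous_enable": "YES", "allow_anon_ssl": "NO",
    "force_local_logins_ssl": "YES", "force_local_data_ssl": "YES",
    "ssl_sslv2": "NO", "ssl_sslv3": "NO", "ssl_tlsv1": "YES",
}

# (option, value the goal needs, what goes wrong otherwise)
REQUIRED = [
    ("ssl_enable", "YES", "TLS is off, so logins travel in cleartext"),
    ("anonymous_enable", "NO", "anonymous logins are accepted"),
    ("force_local_logins_ssl", "YES", "passwords may be sent without TLS"),
    ("force_local_data_ssl", "YES", "data connections may run without TLS"),
    ("ssl_sslv2", "NO", "SSLv2 is deprecated and should not be negotiated"),
    ("ssl_sslv3", "NO", "SSLv3 is deprecated and should not be negotiated"),
    ("ssl_tlsv1", "YES", "TLSv1 is switched off"),
]

# TLS-related lines copied from the config in the post.
POSTED = """\
anonymous_enable=NO
ssl_enable=YES
allow_anon_ssl=NO
force_local_logins_ssl=YES
force_local_data_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
"""

def effective_settings(text):
    """Overlay key=value lines on the defaults; a later line wins."""
    settings = dict(DEFAULTS)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)  # vsftpd allows no spaces around '='
        settings[key] = value
    return settings

def audit(text):
    """Return (option, actual value, reason) for each setting off target."""
    settings = effective_settings(text)
    return [(opt, settings[opt], why) for opt, want, why in REQUIRED
            if settings[opt].upper() != want]

if __name__ == "__main__":
    for opt, actual, why in audit(POSTED):
        print(f"{opt}={actual}: {why}")
```

This covers only the transport settings; it does not examine the PAM service that pam_service_name points to.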

