Pure-FTPd Error: Failed to retrieve directory listing — CyberPanel - WebHosting Control Panel for OpenLiteSpeed
CyberLoader

Pure-FTPd Error: Failed to retrieve directory listing

Running CyberPanel Version 2.0 Build 3 on Ubuntu 20.04.2. LTS. Clean install.

When I try to connect via ftp user I cannot get it to list directories. I have enabled debug on pure-ftpd to see if there are any useful errors and the first one was:

[DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem

I fixed that with
openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048

And restarted
systemctl restart pure-ftpd-mysql

Still cannot list directories.

The server is available on port 21 if I do telnet to the IP address of the server I get this:
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 3 of 50 allowed.
220-Local time is now 15:22. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

So I have connectivity to the server via port 21

If I look at the debug log I can see that I am successfully authenticated it just won't go any further than that.
anonymized log from filezilla:
Status: Connecting to ServerIP:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (ServerIP,156,174)
Command: MLSD
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing

anonymized log from server:
Mar 1 15:40:16 ServerName pure-ftpd-mysql[1106]: Starting ftp server:
Mar 1 15:40:16 ServerName pure-ftpd-mysql[1120]: Running: /usr/sbin/pure-ftpd-mysql -l mysql:/etc/pure-ftpd/db/mysql.conf -P ServerIP -p 40110:40210 -d -A -Y 1 -B
Mar 1 15:40:16 ServerName systemd[1]: Started pure-ftpd-mysql.service.
Mar 1 15:40:16 ServerName systemd[1]: Reached target Multi-User System.
Mar 1 15:40:16 ServerName systemd[1]: Reached target Graphical Interface.
Mar 1 15:40:16 ServerName systemd[1]: Starting Execute cloud user/final scripts...
Mar 1 15:40:16 ServerName systemd[1]: Starting Update UTMP about System Runlevel Changes...
Mar 1 15:40:16 ServerName systemd[1]: systemd-update-utmp-runlevel.service: Succeeded.
Mar 1 15:40:16 ServerName systemd[1]: Finished Update UTMP about System Runlevel Changes.
Mar 1 15:42:02 ServerName CRON[1157]: (root) CMD (if ! find /home/*/public_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then /usr/local/lsws/bin/lswsctrl restart; fi)
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [INFO] New connection from ClientIP
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [auth] [TLS]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [INFO] TLS: Enabled TLSv1.3 with TLS_AES_256_GCM_SHA384, 256 secret bits cipher
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [user] [client_username]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pass] [<*>]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [INFO] client_username is now logged in
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [syst] []
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [feat] []
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [opts] [UTF8 ON]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pbsz] [0]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [prot] [P]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pwd] []
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [type] [I]
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pasv] []
Mar 1 15:43:31 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [mlsd] []
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [INFO] New connection from ClientIP
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [auth] [TLS]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [INFO] TLS: Enabled TLSv1.3 with TLS_AES_256_GCM_SHA384, 256 secret bits cipher
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [user] [client_username]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pass] [<*>]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [INFO] client_username is now logged in
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [opts] [UTF8 ON]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pbsz] [0]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [prot] [P]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pwd] []
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [type] [I]
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [pasv] []
Mar 1 15:43:51 ServerName pure-ftpd: ([email protected]) [DEBUG] Command [mlsd] []
Mar 1 15:45:01 ServerName CRON[1167]: (root) CMD (if ! find /home/*/public_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then /usr/local/lsws/bin/lswsctrl restart; fi)

I did all the suggestions from searching the forums on forums.cyberpanel.net by removing the firewall rules and re-adding them. I have also tried to disable all firewalls still the same.

I think there is something wrong with the default configuration:
/etc/pure-ftpd/pure-ftpd.conf
ChrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 50
Daemonize yes
MaxClientsPerIP 8
VerboseLog yes
DisplayDotFiles yes
AnonymousOnly no
NoAnonymous yes
SyslogFacility ftp
DontResolve yes
MaxIdleTime 15
MySQLConfigFile /etc/pure-ftpd/pureftpd-mysql.conf
PAMAuthentication yes
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
AntiWarez yes
Umask 133:022
MinUID 1000
#UseFtpUsers no
AllowUserFXP no
AllowAnonymousFXP no
ProhibitDotFilesWrite no
ProhibitDotFilesRead no
AutoRename no
AnonymousCantUpload yes
AltLog clf:/var/log/pureftpd.log
CreateHomeDir yes
MaxDiskUsage 99
CustomerProof yes
TLS 0
PassivePortRange 40110 40210

/etc/pure-ftpd/pureftpd-mysql.conf
MYSQLServer localhost
MYSQLPort 3306
MYSQLSocket /var/lib/mysql/mysql.sock
MYSQLDatabase cyberpanel
MYSQLCrypt md5
MYSQLGetDir SELECT Dir FROM users WHERE User='\L'
MYSQLGetGID SELECT Gid FROM users WHERE User='\L'
MYSQLGetPW SELECT Password FROM users WHERE User='\L'
MYSQLGetUID SELECT Uid FROM users WHERE User='\L'
MYSQLPassword ******************
MYSQLUser cyberpanel

/etc/pure-ftpd/conf/ChrootEveryone
yes

/etc/pure-ftpd/conf/ForcePassiveIP
ServerIP (public IP)

/etc/pure-ftpd/conf/PassivePortRange
40110 40210

Please help.

Any advice would be appreciated!

Comments

  • 40110-40210 port incoming.
  • Type your comment> @letienvy said:
    > 40110-40210 port incoming.

    I had a really hard time convincing my network team colleague that we need this ports open for it to work properly.

    Is it really necessary to have this ports open? Can it work without this ports?

    If we only open ports 20 and 21 can it run encrypted connection over active FTP?
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion