I recently had an issue with a user not being able to log into their FTP account. I have vsftpd set up to use TLS encryption. When using Filezilla to connect to vsftpd with explicit TLS you may see something similar to the following output:
Status: Resolving address of www.example.com
Status: Connecting to 127.0.0.1:21…
Status: Connection established, waiting for welcome message…
Response: 220 WELCOME TO EXAMPLE.COM
Command: AUTH TLS
Response: 234 Proceed with negotiation.
Status: Initializing TLS…
Error: GnuTLS error -12: A TLS fatal alert has been received.
Error: Could not connect to server
The problem was that weaker ciphers have been removed from Filezilla 3.5.3 which were previously available in 3.5.2 – Users running the older version didn’t have any issues connecting. To fix this issue simply edit the /etc/vsftpd.conf file and add the following:
That fixed the login issues for the new user.