After updating ProFTPd on a server running FreeBSD, certain clients (FireFTP specifically) were able to log in, but not transfer files or retrieve a directory listing. The following error was shown to the client user:

425 Unable to build data connection: Operation not permitted

It appears that a recent change in ProFTPd’s default TLS handling rules requires SSL sessions to be re-used, which FireFTP does not do. Looking at the TLS log file shows these kinds of errors:

Sep 17 12:31:43 mod_tls/2.4.1[9592]: client did not reuse SSL session, rejecting data connection (see TLSOption NoSessionReuseRequired)

The fix is simple, add the following to proftpd.conf and restart ProFTPd:

TLSOptions NoSessionReuseRequired

8 Responses to “SOLVED: FireFTP / ProFTPd Error ‘Unable to build data connection: Operation not permitted’”

  1. James

    Thank you! I was running ProFTPD and couldn’t get my android clients to connect.

    Reply
  2. Jay Versluis

    Thank you so much! I’ve just run into this problem, never had an issue on the same server before. Weird but true.

    I had this on CentOS 6.x with Plesk 12. Here, the ProFTP service is part of xinetd, so any Plesk users out there need to “service restart xinetd” for the changes to take effect.

    Reply
  3. El Frillo

    Thanks!

    This worked for Nas4free, Just needed to add that in the last filed for setting up FTPS. Added a leading whitespace just in case.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *