hi! how to implement it?
In order for the backup client in Hestia to forcibly connect to a remote FTP server to save a backup, using AUTH TLS or AUTH SSL encryption.
Accept the certificate automatically.
So that the connection is not established without AUTH TLS or AUTH SSL encryption.
Hi @SHarksGANG,
Hestia uses ftp command to tranfer backup files and it doesn’t support ftps so you could use sftp or if you must use ftps, use rclone to configure an ftps connection for your backups.
I read
Спойлер
this, there is no mention here of how to configure RClone to use an encrypted ssl or tls connection. In the settings [Config backups]
Спойлер
(hestiacp/bin/v-add-backup-host at main · hestiacp/hestiacp · GitHub )
, you can add a command to force TLS or SSl to be enabled. It will be happiness!
The doc is to use rclone in Hestia, if you want to use rclone, you should check their own doc to config it to fit your needs:
You should already have rclone installed as part of Hestia’s install so as root run:
rclone config
And add the new remote connection interactively or use something like this:
In the example I will use ftp-whatever
as the connection name, ftp
as the connection type, ftp.example.com
as the ftp host, 21
as the port, foo
as the user, sup3rSecret!
as the password and will say to use explicit_tls
connection.
rclone config create ftp-whatever ftp host=ftp.example.com port=21 user=foo pass='sup3erSecret!' explicit_tls=true
If you don’t want to check the certificate, add the option no_check_certificate=true
If you want/need to use implicit tls instead of explicit tls then replace explicit_tls=true
by implicit_tls=true
Once added you can test it with the command:
rclone ls ftp-whatever:
Now you can configure the backup in Hestia, selecting rclone and adding ftp-whatever
as the remote.
Thanks for the help! It doesn’t work in my case! The provider issues only an IP address for access. Of course, I connected to the IP address using Filezilla, accepted the unsigned certificates and looked at the domain name in the certificate. But RClone cannot connect, writes the error “530 Invalid authentication data”. The question of connecting FTP using TLS is relevant. I do not understand where in the Hestia config to add a TLS forced connection string, how to fix v-add-backup-host?
If the ftp over tls is explicit you should not use tls = true
, as far as i know it will default to implicit tls and as no port has been specified, it will use port 990
instead of 21
.
I tested it using tls = true
and explicit_tls = true
and rclone returns this error:
implicit TLS and explicit TLS are mutually incompatible, please revise your config
So you should use only one. Also. double check that the password you used when creating the conf was quoted inside single quotes. If you want to change it and modify the rclone.conf directly, you must obscure it before pasting it inside the conf file:
rclone obscure 'HereYourPassword'
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.