IBM Support

Is there a way to avoid having FTP port 21 start on IBM i?

How To


Summary

The FTP server needs to have the FTP control connection listening on port 21 or some other port.
This is working as designed.

Objective

When CHGFTPA is ALWSSL *ONLY, then port 21 will only allow SSL connections.
It is possible to use port 21 as a secure port, and use explicit TLS/SSL which does the following:
The FTP client sends the FTP AUTH (authorization) subcommand requesting a TLS/SSL protected session.  
The FTP server needs to have the FTP control connection listening on port 21 or some other port.
This is working as designed.
The only possibility would be to change the service table entries for
ftp-control and ftp-data to two other ports. However, there would still
be a listener out there for ftp-control, but it would not be 21.
See the following to change the service table entries:
Forcing the FTP Server to Listen on a TCP Port Other Than 21
https://www.ibm.com/support/pages/node/637597

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000CLbAAM","label":"Communications->FTP"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
14 March 2022

UID

ibm16527978