proftpd und mod_tls

To: <debian-user-german@lists.debian.org>
Subject: proftpd und mod_tls
From: "Miro Dietiker, MD Systems" <info@md-systems.ch>
Date: Wed, 30 Nov 2005 13:46:50 +0100
Message-id: <[🔎] 005401c5f5ac$223a18e0$4001a8c0@MDSYSPORT>
Hallo zusammen!

Ich bin gerade im Kampf mit meinem proftpd.
Nach einigen Infos in HowTos habe ich gesehen, dass Proftpd sehr einfach
FTPS supporten soll.
Natürlich sind die Module mod_tls.c und mod_core.c in proftp drin, und
eigentlich sollte das alles recht trivial sein...

Meine Relevante Konfig:
TLSEngine       on
TLSProtocol     TLSv1
TLSRequired     off
TLSVerifyClient off
TLSRSACertificateFile    /etc/proftpd/cert/tiger.cert.pem
TLSRSACertificateKeyFile /etc/proftpd/cert/tiger.key.pem
TLSCACertificateFile     /etc/cacert.pem

Die Passphrase habe ich entfernt aus dem Key.

Ich nutze unter Windows SmartFTP, da gemäss HowTo dieses Programm auch
FTPS sehr gut unterstützen soll.
Offenbar failt das erste "AUTH TLS" schon, welches erfolgreich sein
muss.
Nur frage ich mich, weshalb dieses nicht korrekt beantworet wird!

Any Idea? Waer toll...

Folgendes Serverlog!

/usr/sbin/proftpd -n -d 8
- mod_tls/2.0.7: using OpenSSL 0.9.7e 25 Oct 2004
 - parsing '/etc/proftpd.conf' configuration
 - dispatching directive 'ServerName' to module mod_core
 - dispatching directive 'ServerType' to module mod_core
 - dispatching directive 'DeferWelcome' to module mod_core
 - dispatching directive 'MultilineRFC2228' to module mod_core
 - dispatching directive 'DefaultServer' to module mod_core
 - dispatching directive 'ShowSymlinks' to module mod_ls
 - dispatching directive 'TimeoutNoTransfer' to module mod_xfer
 - dispatching directive 'TimeoutStalled' to module mod_xfer
 - dispatching directive 'TimeoutIdle' to module mod_core
 - dispatching directive 'DisplayLogin' to module mod_core
 - dispatching directive 'DisplayFirstChdir' to module mod_core
 - dispatching directive 'ListOptions' to module mod_ls
 - dispatching directive 'DenyFilter' to module mod_core
 - Compiling deny regex '\*.*/'.
 - Allocated deny regex at location 0x8118580.
 - dispatching directive 'IdentLookups' to module mod_core
 - dispatching directive 'UseReverseDNS' to module mod_core
 - dispatching directive 'PersistentPasswd' to module mod_auth_unix
 - dispatching directive 'TLSEngine' to module mod_tls
 - dispatching directive 'TLSProtocol' to module mod_tls
 - dispatching directive 'TLSRequired' to module mod_tls
 - dispatching directive 'TLSVerifyClient' to module mod_tls
 - dispatching directive 'TLSRSACertificateFile' to module mod_tls
 - dispatching directive 'TLSRSACertificateKeyFile' to module mod_tls
 - dispatching directive 'TLSCACertificateFile' to module mod_tls
 - dispatching directive 'Port' to module mod_core
 - dispatching directive 'MaxInstances' to module mod_core
 - dispatching directive 'User' to module mod_core
 - dispatching auth request "getpwnam" to module mod_radius
 - dispatching auth request "getpwnam" to module mod_auth_file
 - dispatching auth request "getpwnam" to module mod_auth_unix
 - dispatching directive 'Group' to module mod_core
 - dispatching auth request "getgrnam" to module mod_radius
 - dispatching auth request "getgrnam" to module mod_auth_file
 - dispatching auth request "getgrnam" to module mod_auth_unix
 - dispatching directive 'Umask' to module mod_core
 - dispatching directive 'AllowOverwrite' to module mod_xfer
 - dispatching directive '<Global>' to module mod_core
 - dispatching directive '<Limit>' to module mod_core
 - dispatching directive 'AllowAll' to module mod_core
 - dispatching directive '</Limit>' to module mod_core
 - dispatching directive 'TimesGMT' to module mod_core
 - dispatching directive '</Global>' to module mod_core
 - dispatching directive '<VirtualHost>' to module mod_core
 - dispatching directive 'Port' to module mod_core
 - dispatching directive 'IdentLookups' to module mod_core
 - dispatching directive 'DefaultRoot' to module mod_auth
 - dispatching directive 'DefaultRoot' to module mod_auth
 - dispatching directive 'DefaultRoot' to module mod_auth
 - dispatching directive '</VirtualHost>' to module mod_core
tiger - 
tiger - Config for tiger.rootnet.ch:
tiger - DeferWelcome
tiger - DefaultServer
tiger - ShowSymlinks
tiger - TimeoutNoTransfer
tiger - TimeoutStalled
tiger - TimeoutIdle
tiger - DisplayLogin
tiger - DisplayFirstChdir
tiger - ListOptions
tiger - DenyFilter
tiger - IdentLookups
tiger - TLSEngine
tiger - TLSRequired
tiger - TLSVerifyClient
tiger - TLSRSACertificateFile
tiger - TLSRSACertificateKeyFile
tiger - TLSCACertificateFile
tiger - UserID
tiger - UserName
tiger - GroupID
tiger - GroupName
tiger - Umask
tiger - DirUmask
tiger - AllowOverwrite
tiger - Limit
tiger -  AllowAll
tiger - TimesGMT
tiger - 
tiger - Config for tiger.rootnet.ch:
tiger - IdentLookups
tiger - DefaultRoot
tiger - DefaultRoot
tiger - DefaultRoot
tiger - Limit
tiger -  AllowAll
tiger - TimesGMT
tiger - mod_tls/2.0.7: passphrase locked into memory
tiger - mod_delay/0.4: resetting DelayTable
'/var/run/proftpd/proftpd.delay'
tiger - dispatching auth request "getgroups" to module mod_radius
tiger - dispatching auth request "getgroups" to module mod_auth_file
tiger - dispatching auth request "getgroups" to module mod_auth_unix
tiger - opening scoreboard '/var/run/proftpd/proftpd.scoreboard'
tiger - ProFTPD 1.2.10 (stable) (built do mrt 22 18:28:32 CET 2001)
standalone mode STARTUP
tiger (X.X.X.X[X.X.X.X]) - FTP session requested from unknown class
tiger (X.X.X.X[X.X.X.X]) - performing module session initializations
tiger (X.X.X.X[X.X.X.X]) - mod_delay/0.4: opening DelayTable
'/var/run/proftpd/proftpd.delay'
tiger (X.X.X.X[X.X.X.X]) - opening scoreboard
'/var/run/proftpd/proftpd.scoreboard'
tiger (X.X.X.X[X.X.X.X]) - ident lookup disabled
tiger (X.X.X.X[X.X.X.X]) - connected - local  : X.X.X.X:21
tiger (X.X.X.X[X.X.X.X]) - connected - remote : X.X.X.X:1598
tiger (X.X.X.X[X.X.X.X]) - FTP session opened.
tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to
mod_rewrite
tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to
mod_tls
tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to
mod_core
tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to
mod_core
tiger (X.X.X.X[X.X.X.X]) - dispatching CMD command 'AUTH TLS' to mod_tls
tiger (X.X.X.X[X.X.X.X]) - dispatching LOG_CMD_ERR command 'AUTH TLS' to
mod_log
tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endpwent" to module
mod_radius
tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endpwent" to module
mod_auth_file
tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endpwent" to module
mod_auth_unix
tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endgrent" to module
mod_radius
tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endgrent" to module
mod_auth_file
tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endgrent" to module
mod_auth_unix
tiger (X.X.X.X[X.X.X.X]) - FTP session closed.
tiger - ProFTPD terminating (signal 2)
tiger - mod_tls/2.0.7: scrubbing all passphrases from memory
tiger - ProFTPD 1.2.10 standalone mode SHUTDOWN
tiger - deleting existing scoreboard
'/var/run/proftpd/proftpd.scoreboard'
tiger - mod_tls/2.0.7: scrubbing all passphrases from memory

+-------------------------------+  +-------------------------------+
| Miro Dietiker                 |  | MD Systems Miro Dietiker      |
+-------------------------------+  +-------------------------------+
Reply to:
Prev by Date: Re: CDROM's mit Asus P4C800ED
Next by Date: Re: boot time verkürzen
Previous by thread: Re: boot time verkürzen
Next by thread: shortcuts ?
Index(es):
- Date
- Thread