[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proftpd+SSL/TLS!!!

On Wed, Jul 31, 2002 at 01:49:41PM +0800, axacheng wrote:
> Hell list :
> 
> Does anyone knows Proftpd+SSL/TLS was official idea from Proftpd ????
> 
> i wish, my ftp server have to support ssl tunnel to encrypt data that connect from every client!!!!
> 
> Anyone got ideas as to the nature/solution of this problem?   ;-)

I had to do fairly extensive research into this as part of a former job.
Unfortunately, there's not too many options.  Nearly every solution has
to have non standard clients and servers, which is a pain in the neck.
SSL/TLS encryption for FTP is in some RFC somewhere, but only a few
clients and servers implement it.

One neat trick is some software that works with any FTP client, and
intercepts all FTP traffic and encrypts it before sending it upstream.
Of course, this requires a software install on the client side, and a
special server.  http://safetp.cs.berkeley.edu for more details.  Other
than that, use scp.  Unfortunately, most options will involve some
effort/difficulty on the client end.

- Chris

PS: When I did some fairly primitive benchmarking, the SSL/TLS
encryption slowed the transfers to about 1/3 of the rate of straight FTP.
Reply to: