Re: vsftpd with ssl
On Mon, 29 Sep 2014 21:19:44 -0400 (EDT)
Stephen Powell <zlinuxman@wowway.com> wrote:
> I work with SSL-secured FTP regularly. First of all, let's get the
> terminology right. I'm glad to see that you used the term FTPS instead
> of SFTP. Many people have the two confused. SFTP is a file transfer
> protocol used under the Secure Shell protocol (SSH). FTPS is regular
> FTP (File Transfer Protocol) with SSL encryption wrapped around it.
> But, strictly speaking, the FTPS protocol is for *implicit*
> SSL-encrypted FTP only, and that's not how you have your server set up.
> *Explicit* SSL-encrypted FTP, via the "AUTH TLS" command, is still
> considered the FTP protocol, not the FTPS protocol, even though SSL
> encryption is used. Furthermore, the well-known port normally used
> for FTPS is port 990, and you have your server set up to use port 21,
> which is the well-known port for the FTP protocol. So the server is
> set up for FTP and the client is assuming FTPS. They don't match.
>
> The first decision you need to make is whether you want to set up
> your server for implicit SSL or explicit SSL. Then proceed from
> there.
Thanks for your informative answer, it did solve my problem, after
enabling implicit_ssl option in vsftpd (and btw after disabling
ssl:verify-certificate in lftp), I could transfer a test file.
Kind regards
--
http://markorandjelovic.hopto.org
One should not be afraid of humans.
Well, I am not afraid of humans, but of what is inhuman in them.
Ivo Andric, "Signs near the travel-road"
Reply to: