Re: vsftpd with ssl

[Marko Randjelovic <marko-r@sbb.rs>]

On Mon, 29 Sep 2014 21:19:44 -0400 (EDT)
Stephen Powell <zlinuxman@wowway.com> wrote:

> I work with SSL-secured FTP regularly.  First of all, let's get the
> terminology right.  I'm glad to see that you used the term FTPS instead
> of SFTP.  Many people have the two confused.  SFTP is a file transfer
> protocol used under the Secure Shell protocol (SSH).  FTPS is regular
> FTP (File Transfer Protocol) with SSL encryption wrapped around it.
> But, strictly speaking, the FTPS protocol is for *implicit*
> SSL-encrypted FTP only, and that's not how you have your server set up.
> *Explicit* SSL-encrypted FTP, via the "AUTH TLS" command, is still
> considered the FTP protocol, not the FTPS protocol, even though SSL
> encryption is used.  Furthermore, the well-known port normally used
> for FTPS is port 990, and you have your server set up to use port 21,
> which is the well-known port for the FTP protocol.  So the server is
> set up for FTP and the client is assuming FTPS.  They don't match.
> 
> The first decision you need to make is whether you want to set up
> your server for implicit SSL or explicit SSL.  Then proceed from
> there.

Thanks for your informative answer, it did solve my problem, after
enabling implicit_ssl option in vsftpd (and btw after disabling
ssl:verify-certificate in lftp), I could transfer a test file.

Kind regards

-- 
http://markorandjelovic.hopto.org

One should not be afraid of humans.
Well, I am not afraid of humans, but of what is inhuman in them.
    Ivo Andric, "Signs near the travel-road"