PDA

View Full Version : ISPConfig3 - SFTP


peterspoon
17th March 2009, 13:40
Hi,

I run ISPC3 on Debian Lenny server. Is there an easy way to get SFTP working on such configuration without using patched ssh server?
I would like to use secure FTP connection for existing FTP users.

EDIT:
I forgot about "shell user functionality" in ISPC3, which would probably do the job...

EDIT2:
Is there a way to enable sftp without creating a shell-user with jailkit? All this creates mess in the folders. I don't need this bunch of extra folders for shell-user, just secure ftp connection.
By the way, tabs on the shell-user form somehow doesn't work - going to Options tab, and then going back and saving a record result by saving empty values, and user name is being changed with prefix "default", not client name...

Ben
17th March 2009, 16:00
As you are mentioning ssh, sftp and ftp ind the same context, you need to clarify what you want.
You have either sftp which is a subsystem of sshd like scp as well and such it is "ssh" based.
ftps instead is secure ftp, e.g. ftp with ssl/tls.

see e.g. http://blogs.msdn.com/technical_outburst/archive/2007/09/21/difference-between-ftps-and-sftp.aspx for the differences

For configuring pureftp with TLS see: http://www.pureftpd.org/project/pure-ftpd/doc -> TLS encryption

peterspoon
18th March 2009, 13:32
Thank you Ben,

I just wanted to enable a secure FTP connection, no matter which method would be used...
So it seems that setting up pureftpd with TLS is quite simple.

If anyone interested:
First I created a self-signed certificate in /etc/ssl/private

openssl req -x509 -nodes -newkey rsa:1024 -keyout \
/etc/ssl/private/pure-ftpd.pem \
-out /etc/ssl/private/pure-ftpd.pem

chmod 600 /etc/ssl/private/*.pem



then created a config file in /etc/pure-ftpd/conf/
named "TLS" with a value: 1, to enable tls at the boot.

till
1st November 2009, 11:09
Duplicate post:

http://www.howtoforge.com/forums/showthread.php?t=30405&page=3

Please do not post the same thing to more then one thread!