#1  
Old 23rd November 2007, 23:29
leblanc leblanc is offline
Junior Member
 
Join Date: Sep 2007
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default pure-ftpd with ssl?

i have pure-ftpd working with postgresql backend.

I followed instructions on pure-ftpd website to enable ssl. How can i test if it is working?

How can i troubleshoot this? [my client was smartftp and i'm trying to narrow if it's a client problem or a server problem with ssl handling. ]


what would be the commands to authenticate with ssl and accept the certificate using linux on command line????????/

telnet localhost 21 // on my server???
key value
key value
user leblanc
pass ....

Last edited by leblanc; 26th November 2007 at 07:38.
Reply With Quote
Sponsored Links
  #2  
Old 25th November 2007, 04:25
MisterVlad MisterVlad is offline
Member
 
Join Date: Jun 2007
Location: Windsor, Ontario, CANADA
Posts: 61
Thanks: 1
Thanked 1 Time in 1 Post
Send a message via MSN to MisterVlad Send a message via Skype™ to MisterVlad
Default

I use proftpd-mysql on Debian 4.0 ETCH, and I also use smartftp. For some time now, I have not been able to figure out how to get ssl over ftp to work... and it is pissing me off too.

I read that smartftp uses a different protocol, and it may not work properly. in that same article, i read that there was a free ftp client called winSCP which i have been using, and still, no ssl over ftp.

When I try to connect, it wants to use port 22, which is my SSH port. If that is the case, to use FTP over SSH (which does work), is that actually correct? i dont have SFTP set up on my new server, but when i try to connect, it will accept my username and password that I use for SSH, but not any FTP users...

Should I change my SSH port to something else? if i set up SFTP it is TLS authentication, is it not?

I may be wrong, but hey... I am at least making another question that may end up getting the right answer eventually

Mistervlad
Reply With Quote
  #3  
Old 26th November 2007, 07:39
leblanc leblanc is offline
Junior Member
 
Join Date: Sep 2007
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default keep on track

there are 2 ways to upload files securely;

ssh or ssl - both methods require the client to accept a certificate to encrypt traffic between client and server. how each protocol differs or which is better is beyond me.


ftp over secure shell is done with sftp or scp... i use pscp from:
http://www.chiark.greenend.org.uk/~s.../download.html
there is also a psftp client there also. Read the tutorials on the above website that describe how to use the clients. scp client on linux is preloaded on my suse distro and ubuntu and work exactly as in pscp client. My previous experience with ssh was that there is no virtual database provider.... anyone wanting to secure shell would need a real account on the box. This is not acceptable in my case. winscp uses secure shell account.. nothing to do with pure-ftpd!



ftp with ssl is completely different from the above. You are no longer using a secure shell but using the standard ftp protocol but now including a layer of encryption with ssl. for this you don't need a ssh server but merely need an ftp server that is ssl aware... aka: pure-ftpd


The problem on this thread:
--------------------------
How do you test that pure-ftpd is actually handling ssl connections properly? So i can debug my client or debug pure-ftpd.

linux command lines would be much appreciated.
Reply With Quote
  #4  
Old 28th November 2007, 08:08
leblanc leblanc is offline
Junior Member
 
Join Date: Sep 2007
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default found clients and have it working on 1 client!

I'm using filezilla and gnome ftp and smart ftp




I have it working with filezilla on linux.
Quote:
http://download.pureftpd.org/pub/pur...doc/README.TLS

* FileZilla (Windows)
URL: http://filezilla.sourceforge.net

SSL/TLS works. In the "Site details" dialog box, pick "FTP over TLS
(explicit encryption)" as the "Servertype".
Reported by Philip Hallstrom.

Using receent versions (>= v2.2.19a) is recommended.
I found filezilla in my opensuse repository. The trick is to pick FTPES for communication type. Thats it!

since filezilla is available for win and linux... and since i'm going allow both unsecured and secured connections.... i'm not going worry about this anymore. Just inform the users if they need ssl use filezilla!







debug errors on gftp
gftp complains about self signed certificate.
wish i could get this to work.. but here is somebody's attempt:
http://ubuntuforums.org/archive/index.php/t-77230.html
PHP Code:
Connected to 192.168.1.103:21
220
-Welcome to Pure-FTPd.
220-You are user number 1 of 10 allowed.
220-This is a private system No anonymous login
220
-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
AUTH TLS

234 AUTH TLS OK
.
Error with certificate at depth0
Issuer 
= /C=US/ST=Iowa/L=Cedar Rapids/O=Robust Haven/OU=Administration/CN=Leblanc Meneses/emailAddress=web@robusthaven.com
Subject 
= /C=US/ST=Iowa/L=Cedar Rapids/O=Robust Haven/OU=Administration/CN=Leblanc Meneses/emailAddress=web@robusthaven.com
Error 18
:self signed certificate
Disconnecting from site 192.168.1.103 

smartftp ... scrap use filezilla probably same problem as gftp.. menu is confusing
Quote:

* SmartFTP (Windows)
URL: http://www.smartftp.com/

An excellent client with IPv6 support, port range limitation and other
useful features (!= bloat) . And it's free for personal, educational and non-
commercial use. And it detects Pure-FTPd

SSL/TLS perfectly works when the "FTP over SSL (explicit)" protocol is
selected and when the data connection mode (Tools->Settings->SSL) is set to
"clear data connection" while the AUTH mode (also in Tools->Settings->SSL) is
set to "TLS".

Last edited by leblanc; 28th November 2007 at 08:14.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache2 and multiple SSL configs and name based virtual hosting Creator1326 Server Operation 11 5th October 2010 19:28
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
Help installing an SSL certificate james@thereidsonline.com Installation/Configuration 1 26th June 2007 18:11
SSL Issue - Unable to connect to any site Menzor Installation/Configuration 4 27th May 2007 04:03
Unbearably slow access speeds CombatGod Installation/Configuration 5 30th May 2006 16:31


All times are GMT +2. The time now is 03:57.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.