Re: tls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am 07.09.2013 01:09, schrieb Patrick Dupre:
>> ----- Original Message -----
>> From: Reindl Harald
>> Sent: 09/07/13 12:48 AM
>> To: Community support for Fedora users
>> Subject: Re: tls
>>
>> Am 07.09.2013 00:43, schrieb Patrick Dupre:
>>> I installed pure-ftpd on my machine to use the TLS protocle.
>>> I followed the instructions given in:
>>> http://www.howtoforge.com/how-to-configure-pureftpd-to-accept-tls-sessions-on-fedora-18
>>>
>>> but I still cannot ftp by using ftps (filezilla)
>>
>> be explicit - you can not connect or you can not list folders and transfer data
> Status: Connecting to 193.49.194.196:990...
> Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
> Error: Could not connect to server

why port 990?

even if the port would be correct you need
a) verify on which ports your daemon is listening (man netstat)
b) make sure that ports are open

AFAIK it is using STARTTLS
http://en.wikipedia.org/wiki/STARTTLS

>> http://slacksite.com/other/ftp.html conatins basics about FTP
>>
>>> Do I need to configure the firewall to open the port?
>>
>> you need to open the passive port-range in the firewall by hand
>> "nf_conntrack_ftp" as any other DPI can not work with encrypted streams
> This, I do not know what to do:
> I do not see any nf_conntrack_ftp in public service or in selinux

man iptables

if you do not specify "PassivePortRange" the passive port can be anything
between 1024 and 65535 and if you do use active FTP mode than you need
to setup the firewall on the client properly - at the end of the day it
doe snot matter who is chosing the random port for the data connection
and the otehr side has to open this port

to understand what you are doing i posted
>> http://slacksite.com/other/ftp.html conatins basics about FTP

only few people (inclduing a lot of professional amdins) do understand FTP really

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux