There's a fair amount of information in the vsftpd.conf (5) man page
to so with enabling SSL, how to direct vsftpd to the appropriate
certificates etc.
There doesn't appear to be any concrete examples in the docs...
[wmcdonald@willspc vsftpd-2.0.1]$ pwd
/usr/share/doc/vsftpd-2.0.1
[wmcdonald@willspc vsftpd-2.0.1]$ grep -ir ssl *
Changelog:For some cases, it's better than the hassle of virtual
users. Idea thanks to
Changelog:- Add OpenSSL (AUTH TLS / SSL) support for encrypted control and data
Changelog:- Improve the build system so tcp_wrappers, PAM and OpenSSL
can be forcibly
Changelog:- Add SSL / TLS info to SECURITY texts.
Changelog:- Add README.ssl
Changelog:- Add documentation for new SSL options to vsftpd.conf.5.
Changelog:- Add -lcrypto for the SSL build; needed for some systems!
Thanks to Nelson
Changelog:- Fix vsftpd.conf.5 man page error in "ssl_sslv3", thanks to
Etienne Chevillard
Changelog:- Clarify licensing: I allow linking of my GPL software with
the OpenSSL
COPYING:As copyright holder, I give permission for vsftpd to be linked
to the OpenSSL
COPYING:linked against the OpenSSL libraries. All other obligations
under the GPL v2
COPYING:except as expressly provided under this License. Any attempt
FAQ:Q) Does vsftpd support SSL / TLS based encryption?
FAQ:need to activate the ssl_enable setting. NOTE there are security
considerations
FAQ:with this support. Please make sure to read the ssl_enable section in the
LICENSE:As copyright holder, I give permission for vsftpd to be linked
to the OpenSSL
LICENSE:linked against the OpenSSL libraries. All other obligations
under the GPL v2
SECURITY/TRUST:vsftpd-2.0.0 introduces SSL / TLS support using
OpenSSL. OpenSSL is a massive
SECURITY/TRUST:control of remote malicious clients. SSL / TLS is
disabled by default, both
SECURITY/TRUST:the decision that they trust the OpenSSL library. I
personally haven't yet
SECURITY/TRUST:formed an opinion on whether I consider the OpenSSL
code trustworthy.
SECURITY/DESIGN:5) vsftpd-2.0.0 introduces SSL / TLS support using
OpenSSL. ALL OpenSSL
SECURITY/DESIGN:user. This means both pre-authenticated and
post-authenticated OpenSSL protocol
SECURITY/DESIGN:being secure. I'm unaware of any other FTP server
which supports both SSL / TLS
TODO:- Look into using GnuTLS in place of OpenSSL (more compatible license).
Google might throw up some potential aid...
http://classic.tinysofa.org/documentation/index.cgi?VsftpdConfiguration
http://www.google.co.uk/search?hl=en&q=vsftpd+ssl&meta=
Will.
On 19/11/05, Thomas E Dukes <edukes@xxxxxxxxxx> wrote:
> Hello,
>
> Does anyone have this working? I have been looking for a couple of hours
> trying to find docs on how to set this up and so far the only thing I have
> found is how to enable ssl in vsftpd.conf.
>
> TIA
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
