From: Julien V. <jul...@so...> - 2003-06-18 13:01:01
|
Hi ? =20 I have a lot of problem with using mod_tls. I compiled proftd with this option but it does't work properly: I had this lines in my .conf : TlsRequired on TlsCipherSuite ALL:!ADH =20 But the password is transmitted without encryption ! :o( Does someone can help me ? |
From: James G. <jb...@qw...> - 2004-08-28 00:42:17
|
I can't get my TLS to work at all, and I can't find any documentation on = it for proftp for the module mod_tls. I mainly just want documentation = so I can figure it out myself and if i can't then i'll come back for = help. James |
From: TJ S. <tj...@ca...> - 2004-08-28 01:47:28
|
> I can't get my TLS to work at all, and I can't find any documentation on > it for proftp for the module mod_tls. I mainly just want documentation > so I can figure it out myself and if i can't then i'll come back for > help. http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html http://www.castaglia.org/proftpd/modules/mod_tls.html The mod_tls.html file is also under the contrib/ directory in the source distribution. Cheers, TJ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The night has a thousand eyes, And the day but one; Yet the light of the bright world dies, With the dying sun. The mind has a thousand eyes, And the heart but one; Yet the light of a whole life dies, When love is done. -F.W. Bourdillon ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
From: James G. <jb...@qw...> - 2004-08-28 02:32:27
|
ok, I allready have questions. I didn't realize you are the author thats cool. Ok I am running debian so i'm not sure if the package has mod_tls compiled into the package. Maybe thats why its not working i just figured that Debian would do that because they are into the user end. ----- Original Message ----- From: "TJ Saunders" <tj...@ca...> To: <pro...@li...> Sent: Friday, August 27, 2004 4:05 AM Subject: Re: [Proftpd-user] TLS > > > I can't get my TLS to work at all, and I can't find any documentation on > > it for proftp for the module mod_tls. I mainly just want documentation > > so I can figure it out myself and if i can't then i'll come back for > > help. > > http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html > http://www.castaglia.org/proftpd/modules/mod_tls.html > > The mod_tls.html file is also under the contrib/ directory in the source > distribution. > > Cheers, > TJ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ > > The night has a thousand eyes, > And the day but one; > Yet the light of the bright world dies, > With the dying sun. > > The mind has a thousand eyes, > And the heart but one; > Yet the light of a whole life dies, > When love is done. > > -F.W. Bourdillon > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ > > > ------------------------------------------------------- > This SF.Net email is sponsored by BEA Weblogic Workshop > FREE Java Enterprise J2EE developer tools! > Get your free copy of BEA WebLogic Workshop 8.1 today. > http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > > |
From: TJ S. <tj...@ca...> - 2004-08-28 02:37:42
|
> cool. Ok I am running debian so i'm not sure if the package has mod_tls > compiled into the package. The way to see which modules are compiled into your proftpd is to use: proftpd -l This lists the compiled-in proftpd modules. > Maybe thats why its not working i just figured that Debian would do that > because they are into the user end. It may also depend on which version of proftpd you are using; Debian included a version of mod_tls in their older proftpd packages that is not the current mod_tls version. TJ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Histories make men wise; poets, witty; the mathematics, subtle; natural philosophy, deep; moral, grave; logic and rhetoric, able to contend. -Francis Bacon ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
From: James G. <jb...@qw...> - 2004-08-28 03:05:37
|
ok i'm retarded # Server's certificate TLSRSACertificateFile /etc/ftpd/server.cert.pem -- don't know how to make it TLSRSACertificateKeyFile /etc/ftpd/server.key.pem -- don't know how to make it # CA the server trusts TLSCACertificateFile /etc/ftpd/root.cert.pem -- don't know how to make it ----- Original Message ----- From: "TJ Saunders" <tj...@ca...> To: <pro...@li...> Sent: Friday, August 27, 2004 4:55 AM Subject: Re: [Proftpd-user] TLS > > > cool. Ok I am running debian so i'm not sure if the package has mod_tls > > compiled into the package. > > The way to see which modules are compiled into your proftpd is to use: > > proftpd -l > > This lists the compiled-in proftpd modules. > > > Maybe thats why its not working i just figured that Debian would do that > > because they are into the user end. > > It may also depend on which version of proftpd you are using; Debian > included a version of mod_tls in their older proftpd packages that is not > the current mod_tls version. > > TJ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ > > Histories make men wise; poets, witty; the mathematics, subtle; natural > philosophy, deep; moral, grave; logic and rhetoric, able to contend. > > -Francis Bacon > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ > > > ------------------------------------------------------- > This SF.Net email is sponsored by BEA Weblogic Workshop > FREE Java Enterprise J2EE developer tools! > Get your free copy of BEA WebLogic Workshop 8.1 today. > http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > |
From: James G. <jb...@qw...> - 2004-08-28 03:10:28
|
i think i'm going to have a problem i have a firewall and i don't want to open ports ----- Original Message ----- From: "TJ Saunders" <tj...@ca...> To: <pro...@li...> Sent: Friday, August 27, 2004 4:55 AM Subject: Re: [Proftpd-user] TLS > > > cool. Ok I am running debian so i'm not sure if the package has mod_tls > > compiled into the package. > > The way to see which modules are compiled into your proftpd is to use: > > proftpd -l > > This lists the compiled-in proftpd modules. > > > Maybe thats why its not working i just figured that Debian would do that > > because they are into the user end. > > It may also depend on which version of proftpd you are using; Debian > included a version of mod_tls in their older proftpd packages that is not > the current mod_tls version. > > TJ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ > > Histories make men wise; poets, witty; the mathematics, subtle; natural > philosophy, deep; moral, grave; logic and rhetoric, able to contend. > > -Francis Bacon > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ > > > ------------------------------------------------------- > This SF.Net email is sponsored by BEA Weblogic Workshop > FREE Java Enterprise J2EE developer tools! > Get your free copy of BEA WebLogic Workshop 8.1 today. > http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > |
From: Sven H. <sv...@ti...> - 2004-08-28 09:06:05
|
On Fri, Aug 27, 2004 at 07:55:49PM +0800, TJ Saunders wrote: > > Maybe thats why its not working i just figured that Debian would do that > > because they are into the user end. > > It may also depend on which version of proftpd you are using; Debian > included a version of mod_tls in their older proftpd packages that is not > the current mod_tls version. You can find a more recent version for Debian/woody on www.backports.org. Sven -- It ain't so bad bein' alone if you know it'll never last nothing lasts forever 'cept the certainly of change and love's the same It's a game with simple rules If you think it's forever then you're nothing but a fool [Venerea - Love Is A Battlefield Of Wounded Hearts] |
From: James G. <jb...@qw...> - 2004-08-29 19:42:36
|
i'm not running stable i'm runnung sid (unstable) so i should have the most current version i just don't know how to make those files # Server's certificate TLSRSACertificateFile /etc/ftpd/server.cert.pem -- don't know how to make it TLSRSACertificateKeyFile /etc/ftpd/server.key.pem -- don't know how to make it # CA the server trusts TLSCACertificateFile /etc/ftpd/root.cert.pem -- don't know how to make it ----- Original Message ----- From: "Sven Hoexter" <sv...@ti...> To: <pro...@li...> Sent: Saturday, August 28, 2004 2:05 AM Subject: Re: [Proftpd-user] TLS > On Fri, Aug 27, 2004 at 07:55:49PM +0800, TJ Saunders wrote: > > > > Maybe thats why its not working i just figured that Debian would do that > > > because they are into the user end. > > > > It may also depend on which version of proftpd you are using; Debian > > included a version of mod_tls in their older proftpd packages that is not > > the current mod_tls version. > You can find a more recent version for Debian/woody on www.backports.org. > > Sven > -- > It ain't so bad bein' alone if you know it'll never last nothing lasts forever > 'cept the certainly of change and love's the same It's a game with simple rules > If you think it's forever then you're nothing but a fool > [Venerea - Love Is A Battlefield Of Wounded Hearts] > > > ------------------------------------------------------- > This SF.Net email is sponsored by BEA Weblogic Workshop > FREE Java Enterprise J2EE developer tools! > Get your free copy of BEA WebLogic Workshop 8.1 today. > http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > |
From: Sven H. <sv...@ti...> - 2004-08-30 09:17:18
|
On Sun, Aug 29, 2004 at 12:42:28PM -0700, James Griffith wrote: > i'm not running stable i'm runnung sid (unstable) so i should have the most > current version i just don't know how to make those files > > # Server's certificate > TLSRSACertificateFile /etc/ftpd/server.cert.pem -- don't know how to make it > TLSRSACertificateKeyFile /etc/ftpd/server.key.pem -- don't know how to make > it > # CA the server trusts > TLSCACertificateFile /etc/ftpd/root.cert.pem -- don't know how to make it Start reading here: http://www.modssl.org/docs/2.8/ssl_faq.html#ToC24 HTH Sven Yes the dummy certs explained in the FAQ work with Proftpd. -- It ain't so bad bein' alone if you know it'll never last nothing lasts forever 'cept the certainly of change and love's the same It's a game with simple rules If you think it's forever then you're nothing but a fool [Venerea - Love Is A Battlefield Of Wounded Hearts] |
From: Tim A. <tim...@re...> - 2004-08-30 15:06:05
|
I've used this with success: http://www.openssl.org/docs/HOWTO/certificates.txt. And I didn't bother with the TLSCACertificateFile (root certificate file) which hasn't been a problem for my testing. HTH. Hope you have a very nice day, :-) tim James Griffith wrote: > i'm not running stable i'm runnung sid (unstable) so i should have the most > current version i just don't know how to make those files > > # Server's certificate > TLSRSACertificateFile /etc/ftpd/server.cert.pem -- don't know how to make it > TLSRSACertificateKeyFile /etc/ftpd/server.key.pem -- don't know how to make > it > # CA the server trusts > TLSCACertificateFile /etc/ftpd/root.cert.pem -- don't know how to make it > > ----- Original Message ----- > From: "Sven Hoexter" <sv...@ti...> > To: <pro...@li...> > Sent: Saturday, August 28, 2004 2:05 AM > Subject: Re: [Proftpd-user] TLS > > > >>On Fri, Aug 27, 2004 at 07:55:49PM +0800, TJ Saunders wrote: >> >> >>>>Maybe thats why its not working i just figured that Debian would do > > that > >>>>because they are into the user end. >>> >>>It may also depend on which version of proftpd you are using; Debian >>>included a version of mod_tls in their older proftpd packages that is > > not > >>>the current mod_tls version. >> >>You can find a more recent version for Debian/woody on www.backports.org. >> >>Sven >>-- >>It ain't so bad bein' alone if you know it'll never last nothing lasts > > forever > >>'cept the certainly of change and love's the same It's a game with simple > > rules > >>If you think it's forever then you're nothing but a fool >> [Venerea - Love Is A Battlefield Of Wounded Hearts] >> >> >>------------------------------------------------------- >>This SF.Net email is sponsored by BEA Weblogic Workshop >>FREE Java Enterprise J2EE developer tools! >>Get your free copy of BEA WebLogic Workshop 8.1 today. >>http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click >>_______________________________________________ >>ProFTPD Users List <pro...@pr...> >>Unsubscribe problems? >>http://www.proftpd.org/list-unsub.html >> > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by BEA Weblogic Workshop > FREE Java Enterprise J2EE developer tools! > Get your free copy of BEA WebLogic Workshop 8.1 today. > http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click > _______________________________________________ > ProFTPD Users List <pro...@pr...> > Unsubscribe problems? > http://www.proftpd.org/list-unsub.html > > > ----------------------------------------------------------------- > Visit our Internet site at http://www.reuters.com > > Get closer to the financial markets with Reuters Messaging - for more > information and to register, visit http://www.reuters.com/messaging > > Any views expressed in this message are those of the individual > sender, except where the sender specifically states them to be > the views of Reuters Ltd. > ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. |
From: Jorge B. <mys...@de...> - 2007-03-21 22:37:51
|
Hi, Im configuring TLS on proftpd, but i'm having a wrong version number, my = ftp client, filezilla, i thing uses tls 2 or 3, but if i put in = proftpd.conf: TLSProtocol TLSv2 or TLSv3 It doesn't reconize it. - Fatal: TLSProtocol: : unknown protocol: 'TLSv2' on line 46 of = '/etc/proftpd.conf' Why? Jorge |
From: TJ S. <tj...@ca...> - 2003-06-18 14:52:15
|
julien>I compiled proftd with this option but it does't work properly: julien>I had this lines in my .conf : julien>TlsRequired on julien>TlsCipherSuite ALL:!ADH You need to enable the TLS engine as well, and to configure a server certificate and key: http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html Hope this helps, TJ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ He who has never hoped can never despair. -George Bernard Shaw ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |