Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Setting up VSFTPD (force SSL?)
Top Forums UNIX for Dummies Questions & Answers Setting up VSFTPD (force SSL?) Post 302358316 by mokachoka on Friday 2nd of October 2009 05:44:44 AM
Old 10-02-2009
Error Setting up VSFTPD (force SSL?)
Hi all,

Im having trouble setting up an FTP server and forcing SSL. At the moment i can connect to the server externally using normal FTP but when i try FTP with SSL i get

STATUS:> [02/10/2009 08:54:16] Connected. Exchanging encryption keys...
ERROR:> [02/10/2009 08:54:16] SSL: Error in negotiating SSL connection.

My VSFTPD config looks like this...

Code:
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=NO
ssl_sslv2=NO
ssl_sslv3=YES
#pasv_address=**.**.**.**
pasv_min_port=5000
pasv_max_port=5050

I want it to be as secure as possible and i want to force secure connections?

What am i doing wrong? As far as im aware the ports are open... Smilie
Last edited by Yogesh Sawant; 10-08-2009 at 05:31 AM.. Reason: added code tags
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

to enable POP3(ssl) and SMTP(ssl) in Squid

i have configured Squid proxy server in Fedora 8 with two network interfaces. HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl). so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Discussion started by: praneel2k
1 Replies

2. UNIX for Dummies Questions & Answers

VSFTPD - User or IP based SSL encryption?

Is there a way i can only force SSL encryption if they connect from outside our network OR allow certain IP's to connect without using encryption? (0 Replies)
Discussion started by: mokachoka
0 Replies

3. UNIX for Dummies Questions & Answers

VSFTPD & SSL Certificates

Hello all :b: I need a little advice on securing my VSFTPD server. I currently have it setup and working using a self signed certificate by following instructions on the net and im happy with it to a certain extent. One of my clients is not... He said he cannot connect to the server unless... (1 Reply)
Discussion started by: mokachoka
1 Replies

4. Red Hat

vsftpd with ssl support on rhel5 64 bit

Hi Friends, I am trying to configure vsftpd server 2.0.5 on rhel5 64 bit installation. I am getting an error when initiating an ssl connection. I am using filezilla 3.0 ftp client. Client is specifically using passive mode connection. I can see the client is able to connect to the server,... (0 Replies)
Discussion started by: arumon
0 Replies

5. UNIX for Dummies Questions & Answers

vsftpd with SSL

Hi there. Im studying and i've got an exercise that i cannot fully understand. Im trying and testing, but it didnt works What i need to configure ftps ( vsftpd ) with openssl? (1 Reply)
Discussion started by: andriusman
1 Replies

6. Programming

setting netbeans to ignore from expired ssl certificate

Hi, I am not sure this is the correct section. My question is not directly about programming about developing IDE. I am using netbeans to develop my project. I created a new project from a remote server. I have set all the details. One problem is that the server ssl has already expired... (0 Replies)
Discussion started by: programAngel
0 Replies

7. Red Hat

Force ssl/ssh to use the hosts file

does anyone know how to force ssh/ssl to use the hosts file instead of DNS? I have disabled the DNS servers but ssh still will not resolve a host in the hosts file. thanks in advance for the help! DS (3 Replies)
Discussion started by: derrell simpson
3 Replies

8. UNIX for Advanced & Expert Users

Does vsftpd support user access with client certificate with priv/pub key + vsftpd certificate?

:rolleyes:I am trying to setup all certificate based client-server environment in Linux using vsftpd and curl with openssl. I would like to make a user access with vsftpd certificate and user own client certificate (self-signed) with private/public key. I don't see google posts about the my plan... (4 Replies)
Discussion started by: gogogo
4 Replies

9. AIX

Setting root pasword to null with force change on first login

Greetings All I have a specific use case: for the deployment of a standard AIX Golden Image via mksysb, I have been requested to set the root user password to NULL with forced change on first login. Currently the admins need to remember when the Golden Image mksysb was created to calculate the... (5 Replies)
Discussion started by: milegrin
5 Replies

10. Linux

Apache wildcard ssl on subdomain serves same page for non ssl virtualhosts

Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website! please advise if I missed any concept / configs... Thank you! httpd.conf <VirtualHost *:80> ServerName www.my-site.com ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies

LEARN ABOUT DEBIAN

mdbfontsize

mdbFontSize(5)							 The m17n Library						    mdbFontSize(5)

NAME

       mdbFontSize - Font Size

DESCRIPTION

       In some case, a font contains incorrect information about its size (typically in the case of a hacked TrueType font), which results in a
       bad text layout when such a font is used in combination with the other fonts. To overcome this problem, the m17n library loads information
       about font-size adjustment from the m17n database by the tags <font, resize>. The data is loaded as a plist of this format.

       FONT-SIZE-ADJUSTMENT ::= PER-FONT *

       PER-FONT ::= '(' FONT-SPEC ADJUST-RATIO ')'

       FONT-SPEC ::=
	   '(' [ FOUNDRY FAMILY
	      [ WEIGHT [ STYLE [ STRETCH [ ADSTYLE ]]]]]
	    REGISTRY ')'

       ADJUST-RATIO ::= INTEGER

       FONT-SPEC is to specify properties of a font. FOUNDRY to REGISTRY are symbols corresponding to Mfoundry to Mregistry property of a font.
       See m17nFont for the meaning of each property.

       ADJUST-RATIO is an integer number specifying by percentage how much the font-size must be adjusted. For instance, this PER-FONT:

	   ((devanagari-cdac) 150)

       instructs the font handler of the m17n library to open a font of 1.5 times bigger than a requested size on opening a font whose registry is
       'devanagari-cdac'.

COPYRIGHT

       Copyright (C) 2001 Information-technology Promotion Agency (IPA)
       Copyright (C) 2001-2011 National Institute of Advanced Industrial Science and Technology (AIST)
       Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License
       <http://www.gnu.org/licenses/fdl.html>.

Version 1.6.2							    12 Jan 2011 						    mdbFontSize(5)
All times are GMT -4. The time now is 11:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy