Mike Leone on 22 Jan 2010 09:49:19 -0800
I need to set up a secure FTP server for our DMZ. So I set up vsftpd and activated SSL, and enforced only SSL connections. And that all works well. I used FileZilla (on Windows), and specified an FTP over explicit SSL connection.

What that means is that the client connects on port 21. And my firewall guy doesn't want to leave port 21 open, he wants 990 (which is implicit SSL).

So I changed the vsftpd config to listen_port=990 and restarted it. And tried connecting again, this time specifying FTP over implicit SSL (which defaults to using port 990 to connect to). FileZilla shows that I am connecting, and says it is negotiating TLS. And then times out ...

Status: Connecting to 65.211.19.230:990...
Status: Connection established, initializing TLS...

vsftpd log shows nothing, merely a connection from the firewall IP.

Not sure where to go from here. Any thoughts?

(personally, I would set it back to explicit SSL and port 21, and move on. Since no FTP connection can be made without SSL, that seems OK to me. Even if I moved it to port 990, an SSL connection is still required. And whether the port is open on 990 or 21 is pretty meaningless, since even I can figure out how to scan for open ports. :-))

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
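Added example, not part of the original post: a small probe that tells which FTPS mode a listener actually speaks. In explicit mode the server sends a plaintext 220 greeting first and TLS is negotiated afterwards; in implicit mode the TLS handshake comes first and the greeting arrives inside it. The function name and the host/port arguments are assumptions made for this sketch.

```python
import socket
import ssl

def classify_ftps_listener(host, port, timeout=5.0):
    """Return 'explicit', 'implicit' or 'unknown' for an FTP(S) listener."""
    # Step 1: an explicit-mode server speaks first, in plaintext ("220 ...").
    banner = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        try:
            banner = sock.recv(512)
        except OSError:
            pass  # silence or reset: the server may expect a TLS ClientHello
    if banner.startswith(b"220"):
        return "explicit"

    # Step 2: fresh connection, TLS first, then expect the 220 inside TLS.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # probe only: no credentials are sent,
    ctx.verify_mode = ssl.CERT_NONE  # so a self-signed cert is acceptable
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw) as tls:
                if tls.recv(512).startswith(b"220"):
                    return "implicit"
    except OSError:  # covers ssl.SSLError, handshake timeouts and resets
        pass
    return "unknown"

if __name__ == "__main__":
    import sys
    # Usage: python probe.py <host> <port>
    host, port = sys.argv[1], int(sys.argv[2])
    print(host, port, classify_ftps_listener(host, port))
```

A result of "explicit" on port 990 means the listener still greets in plaintext, which a client set to implicit SSL does not wait for. In vsftpd the mode is controlled by the separate implicit_ssl setting, independently of listen_port.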