Michael Leone on 7 Aug 2015 12:18:48 -0700
[PLUG] If not SFTP, how's about FTPS?
So since I can't quickly and easily get sftp chroot (since I have too old of a RHEL, and while I could upgrade, another way might be quicker).

I have vsftpd, and I thought to use FTPS (FTP over SSL). So I issued a cert for it (we can issue our own certs from a separate linux VM), and thought to configure it.

I can get chroot working just fine, but only with regular (non-encrypted) FTP. I can do "ssl_enable=YES", and I can make FTPS connections, but I never get a directory listing.

220 Welcome to the PHA Secure Vendor FTP service.
AUTH TLS
234 Proceed with negotiation.
TLSv1, cipher TLSv1/SSLv3 (DES-CBC3-SHA) - 168 bit
USER upgradeprojectadmin
331 Please specify the password.
PASS **********
230 Login successful.
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/"
PBSZ 0
200 PBSZ set to 0.
PROT P
200 PROT now Private.
PASV
227 Entering Passive Mode (192,168,1,30,165,140)
LIST
Connect socket #1028 to 192.168.1.30, port 42380...
timeout
QUIT

So what's wrong here? Chroot works with non-encrypted SSL; I get a directory listing. Yet, turning on FTPS makes the directory listing not work.

Any ideas? I'd include a vsftpd.log, but all it is saying is

Fri Aug 7 14:54:10 2015 [pid 24318] CONNECT: Client "192.168.1.2"
Fri Aug 7 14:54:11 2015 [pid 24317] [TestUser1] OK LOGIN: Client "192.168.1.2"

That IP is the firewall between my DMZ and me.

Anyone?

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug