Re: Looking for ftp over SSL (TLS) daemon...

From: Charles Clancy (security@xauth.net)
Date: 04/17/02


Date: Wed, 17 Apr 2002 12:08:38 -0500 (CDT)
From: Charles Clancy <security@xauth.net>
To: "Jonathan G. Lampe" <jonathan@stdnet.com>

On Fri, 12 Apr 2002, Jonathan G. Lampe wrote:

> I am trying to find an FTP server daemon which uses SSL (TLS) in a Sun
> environment. (Not SSH.) Does anyone know of such a thing? (Vendors
> welcome to reply!!!)

Use use an SSL wrapper such as stunnel (www.stunnel.org) around your
existing ftpd.

For example, the following in /etc/inetd.conf would work:

ftps stream tcp6 nowait daemon /usr/local/sbin/stunnel stunnel -p
/etc/ftpd.pem -r localhost:ftp

As a wrapper, stunnel can even negotiate SSL for protocols such as SMTP
where the switch to SSL can happen any time during the session (as opposed
to protocols like HTTPS where it happens right away). Much easier than
compiling STARTTLS support directly into sendmail...

--
[ t. charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]
coordinated science laboratory | university of illinois | crypto group



Relevant Pages

  • RE: IIS - use SSL 3.0 only
    ... SSL 3.0 for IIS 6.0 If I am off base, please don't hesitate to let me know. ... Microsoft is providing this information as a convenience to you. ... If the server and the client have multiple protocols in common, ...
    (microsoft.public.windows.server.sbs)
  • Re: Multiple domains on https (apache)
    ... SSL can be used to secure other protocols ... HTTP was designed before SSL was ... HTTP was one of the first protocols that was SSL-ized. ... since it tells the other side the host ...
    (Fedora)
  • Re: Sockets, and secure(SSL) sockets under Windows XP and ooREXX
    ... stunnel is only useful when one has ... might need to use SSL from my machine to talk to a commercial ISP's SSL ...  Stunnel will talk with any SSL server. ... other ways were incorporated in all those protocols: ...
    (comp.lang.rexx)
  • Re: What version of SSL in 5.0 Web Server
    ... collectively referred to as SSL protocols. ... with TLS connections to the webserver? ... TLS should be enabled. ... I know there was a SSL 2.0, SSL 3.0, and TLS 1.0. ...
    (microsoft.public.windowsce.platbuilder)
  • Re: RIPA 2000 Analysis
    ... > protocols such as SSL or SSH ... > The reason is that the section 49 notice doesn't cover digital signatures ... > I've done a draft document detailing my analysis and how I reached this ...
    (sci.crypt)