Re: Looking for ftp over SSL (TLS) daemon...

From: John Rowan Littell (littejo@earlham.edu)
Date: 04/19/02


Date: Thu, 18 Apr 2002 21:19:01 -0500
From: John Rowan Littell <littejo@earlham.edu>
To: focus-sun@securityfocus.com


I replied privately, but since no one else has suggested this, I'll
say it to the list as well. There are unofficial ProFTPd patches
to support SSL/TLS (IETF draft-murray-auth-ftp-ssl-*) encryption
of the FTP session. These patches, for many post-1.2.0 versions
of ProFTPd, can be found at ftp://ftp.runestig.com/pub/proftpd-tls/.
I've been using the 1.2.5rc1 patches on a Linux system for a while
now with no problems. Since Solaris and SunOS are supported ProFTPd
platforms, I expect it would work there, too.

There's also BSDftpd-ssl, at http://bsdftpd-ssl.sc.ru, although that
only claims to have been ported to FreeBSD and Linux. However, I've
replaced my standard FreeBSD FTP client with the one from this project
and haven't looked back.

There are a few commercial programs, but I can't recall any of them at
the moment, nor am I certain whether any are available for Suns.

  --rowan

Lo, Jonathan G. Lampe and the coffee pot sang in unison:
> I am trying to find an FTP server daemon which uses SSL (TLS) in a Sun
> environment. (Not SSH.) Does anyone know of such a thing? (Vendors
> welcome to reply!!!)
>
> - Jonathan Lampe
> - jonathan@stdnet.com

-- 
John "Rowan" Littell
Systems Administrator
Earlham College Computing Services
http://www.earlham.edu/~littejo/




Relevant Pages

  • Re: Security advisory: krb5 ftpd buffer overflows (fwd)
    ... > Looks like we need to patch our krb5 port. ... > Buffer overflows exist in the FTP daemon included with MIT krb5. ... The included patches are against krb5-1.2.2. ... > #ifdef STDARG ...
    (FreeBSD-Security)
  • Re: itrc - H.P. I.T. Resource Center.
    ... >>Microsoft has had Windows Update to help administrators find patches. ... > Much prefer FTP to using any browser for downloads. ... <Opening ASCII mode data connection for file list. ...
    (comp.os.vms)
  • Re: Good sftp server?
    ... patches omits one required dependency. ... I'll probably stick to ftp over an ssh tunnel for now (e.g. until I get ... a modern sftp client that handles text mode properly). ... sftp> cd trinc ...
    (comp.os.vms)
  • Re: my computer was attacked, info please
    ... "I think that he intruded via port 21, ... Sounds like you were running a vulnerable version of FTP. ... applied service packs and patches to Win2000 doesn't necessarily mean ... > Windows 2000 with latest patches and Service Packs. ...
    (comp.security.misc)
  • Re: my computer was attacked, info please
    ... "I think that he intruded via port 21, ... Sounds like you were running a vulnerable version of FTP. ... applied service packs and patches to Win2000 doesn't necessarily mean ... > Windows 2000 with latest patches and Service Packs. ...
    (comp.security.firewalls)