Hallo zusammen! Ich bin gerade im Kampf mit meinem proftpd. Nach einigen Infos in HowTos habe ich gesehen, dass Proftpd sehr einfach FTPS supporten soll. Natürlich sind die Module mod_tls.c und mod_core.c in proftp drin, und eigentlich sollte das alles recht trivial sein...
Meine Relevante Konfig: TLSEngine on TLSProtocol TLSv1 TLSRequired off TLSVerifyClient off TLSRSACertificateFile /etc/proftpd/cert/tiger.cert.pem TLSRSACertificateKeyFile /etc/proftpd/cert/tiger.key.pem TLSCACertificateFile /etc/cacert.pem Die Passphrase habe ich entfernt aus dem Key. Ich nutze unter Windows SmartFTP, da gemäss HowTo dieses Programm auch FTPS sehr gut unterstützen soll. Offenbar failt das erste "AUTH TLS" schon, welches erfolgreich sein muss. Nur frage ich mich, weshalb dieses nicht korrekt beantworet wird! Any Idea? Waer toll... Folgendes Serverlog! /usr/sbin/proftpd -n -d 8 - mod_tls/2.0.7: using OpenSSL 0.9.7e 25 Oct 2004 - parsing '/etc/proftpd.conf' configuration - dispatching directive 'ServerName' to module mod_core - dispatching directive 'ServerType' to module mod_core - dispatching directive 'DeferWelcome' to module mod_core - dispatching directive 'MultilineRFC2228' to module mod_core - dispatching directive 'DefaultServer' to module mod_core - dispatching directive 'ShowSymlinks' to module mod_ls - dispatching directive 'TimeoutNoTransfer' to module mod_xfer - dispatching directive 'TimeoutStalled' to module mod_xfer - dispatching directive 'TimeoutIdle' to module mod_core - dispatching directive 'DisplayLogin' to module mod_core - dispatching directive 'DisplayFirstChdir' to module mod_core - dispatching directive 'ListOptions' to module mod_ls - dispatching directive 'DenyFilter' to module mod_core - Compiling deny regex '\*.*/'. - Allocated deny regex at location 0x8118580. - dispatching directive 'IdentLookups' to module mod_core - dispatching directive 'UseReverseDNS' to module mod_core - dispatching directive 'PersistentPasswd' to module mod_auth_unix - dispatching directive 'TLSEngine' to module mod_tls - dispatching directive 'TLSProtocol' to module mod_tls - dispatching directive 'TLSRequired' to module mod_tls - dispatching directive 'TLSVerifyClient' to module mod_tls - dispatching directive 'TLSRSACertificateFile' to module mod_tls - dispatching directive 'TLSRSACertificateKeyFile' to module mod_tls - dispatching directive 'TLSCACertificateFile' to module mod_tls - dispatching directive 'Port' to module mod_core - dispatching directive 'MaxInstances' to module mod_core - dispatching directive 'User' to module mod_core - dispatching auth request "getpwnam" to module mod_radius - dispatching auth request "getpwnam" to module mod_auth_file - dispatching auth request "getpwnam" to module mod_auth_unix - dispatching directive 'Group' to module mod_core - dispatching auth request "getgrnam" to module mod_radius - dispatching auth request "getgrnam" to module mod_auth_file - dispatching auth request "getgrnam" to module mod_auth_unix - dispatching directive 'Umask' to module mod_core - dispatching directive 'AllowOverwrite' to module mod_xfer - dispatching directive '<Global>' to module mod_core - dispatching directive '<Limit>' to module mod_core - dispatching directive 'AllowAll' to module mod_core - dispatching directive '</Limit>' to module mod_core - dispatching directive 'TimesGMT' to module mod_core - dispatching directive '</Global>' to module mod_core - dispatching directive '<VirtualHost>' to module mod_core - dispatching directive 'Port' to module mod_core - dispatching directive 'IdentLookups' to module mod_core - dispatching directive 'DefaultRoot' to module mod_auth - dispatching directive 'DefaultRoot' to module mod_auth - dispatching directive 'DefaultRoot' to module mod_auth - dispatching directive '</VirtualHost>' to module mod_core tiger - tiger - Config for tiger.rootnet.ch: tiger - DeferWelcome tiger - DefaultServer tiger - ShowSymlinks tiger - TimeoutNoTransfer tiger - TimeoutStalled tiger - TimeoutIdle tiger - DisplayLogin tiger - DisplayFirstChdir tiger - ListOptions tiger - DenyFilter tiger - IdentLookups tiger - TLSEngine tiger - TLSRequired tiger - TLSVerifyClient tiger - TLSRSACertificateFile tiger - TLSRSACertificateKeyFile tiger - TLSCACertificateFile tiger - UserID tiger - UserName tiger - GroupID tiger - GroupName tiger - Umask tiger - DirUmask tiger - AllowOverwrite tiger - Limit tiger - AllowAll tiger - TimesGMT tiger - tiger - Config for tiger.rootnet.ch: tiger - IdentLookups tiger - DefaultRoot tiger - DefaultRoot tiger - DefaultRoot tiger - Limit tiger - AllowAll tiger - TimesGMT tiger - mod_tls/2.0.7: passphrase locked into memory tiger - mod_delay/0.4: resetting DelayTable '/var/run/proftpd/proftpd.delay' tiger - dispatching auth request "getgroups" to module mod_radius tiger - dispatching auth request "getgroups" to module mod_auth_file tiger - dispatching auth request "getgroups" to module mod_auth_unix tiger - opening scoreboard '/var/run/proftpd/proftpd.scoreboard' tiger - ProFTPD 1.2.10 (stable) (built do mrt 22 18:28:32 CET 2001) standalone mode STARTUP tiger (X.X.X.X[X.X.X.X]) - FTP session requested from unknown class tiger (X.X.X.X[X.X.X.X]) - performing module session initializations tiger (X.X.X.X[X.X.X.X]) - mod_delay/0.4: opening DelayTable '/var/run/proftpd/proftpd.delay' tiger (X.X.X.X[X.X.X.X]) - opening scoreboard '/var/run/proftpd/proftpd.scoreboard' tiger (X.X.X.X[X.X.X.X]) - ident lookup disabled tiger (X.X.X.X[X.X.X.X]) - connected - local : X.X.X.X:21 tiger (X.X.X.X[X.X.X.X]) - connected - remote : X.X.X.X:1598 tiger (X.X.X.X[X.X.X.X]) - FTP session opened. tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to mod_rewrite tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to mod_tls tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to mod_core tiger (X.X.X.X[X.X.X.X]) - dispatching PRE_CMD command 'AUTH TLS' to mod_core tiger (X.X.X.X[X.X.X.X]) - dispatching CMD command 'AUTH TLS' to mod_tls tiger (X.X.X.X[X.X.X.X]) - dispatching LOG_CMD_ERR command 'AUTH TLS' to mod_log tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endpwent" to module mod_radius tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endpwent" to module mod_auth_file tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endpwent" to module mod_auth_unix tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endgrent" to module mod_radius tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endgrent" to module mod_auth_file tiger (X.X.X.X[X.X.X.X]) - dispatching auth request "endgrent" to module mod_auth_unix tiger (X.X.X.X[X.X.X.X]) - FTP session closed. tiger - ProFTPD terminating (signal 2) tiger - mod_tls/2.0.7: scrubbing all passphrases from memory tiger - ProFTPD 1.2.10 standalone mode SHUTDOWN tiger - deleting existing scoreboard '/var/run/proftpd/proftpd.scoreboard' tiger - mod_tls/2.0.7: scrubbing all passphrases from memory +-------------------------------+ +-------------------------------+ | Miro Dietiker | | MD Systems Miro Dietiker | +-------------------------------+ +-------------------------------+
