Gidday, <NB: cross-posted to IBM-VM listserver>
We're looking to implement FTPS with certificates and SSL/TLS. We've tried z/OS but it would appear that the server refuses to process Clear Command Channel commands. So now we're looking for alternatives such as under z/VM or z/Linux. It seems that many FTPS servers under Linux are RFC 4217 compliant. RFC 4217 (at http://tools.ietf.org/html/rfc4217#page-25) states... 15.3. Issues with the CCC Command Using the CCC command can create security issues. For a full description, see the "CLEAR COMMAND CHANNEL (CCC)" section of [RFC-2228]. Clients should not assume that a server will allow the CCC command to be processed. Server implementations may wish to refuse to process the CCC command on a session that has not passed through some form of client authentication (e.g., TLS client auth or FTP USER/PASS). This can prevent anonymous clients from repeatedly requesting AUTH TLS followed by CCC to tie up resources on the server. Can anyone advise whether there are packages available for z/Linux that will allow CCC to be used, eg vsftpd? We are SUSE SLES 10.1, if that matters. Regards, Fred Schmidt Department of Corporate and Information Services (DCIS) Data Centre Services (DCS) Northern Territory Government, Australia ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
