2010年3月17日 星期三

VSFTP使用SSL連線設定

SFTP使用SSL連線設定
首先要產生合適的 ssl certificate:
openssl req -new -x509 -nodes -out vsftpd.pem -keyout vsftpd.pem
Copy "vsftpd.pem" to your vsftpd directory:
cp vsftpd.pem /etc/vsftpd
Add the following to vsftpd.conf:

# Turn on SSL
ssl_enable=YES

# Allow anonymous users to use secured SSL connections
allow_anon_ssl=YES

# All non-anonymous logins are forced to use a secure SSL connection in order to
# send and receive data on data connections.
force_local_data_ssl=YES

# All non-anonymous logins are forced to use a secure SSL connection in order to send the password.
force_local_logins_ssl=YES

# Permit TLS v1 protocol connections. TLS v1 connections are preferred
ssl_tlsv1=YES

# Permit SSL v2 protocol connections. TLS v1 connections are preferred
ssl_sslv2=YES

# permit SSL v3 protocol connections. TLS v1 connections are preferred
ssl_sslv3=NO

# Specifies the location of the RSA certificate to use for SSL encrypted connections
rsa_cert_file=/etc/vsftpd/vsftpd.pem

0 意見: