Proftpd (proftpd-ssl.conf)

Proftpd com SSL

Categoria: Ftp

Software: Proftpd

[ Hits: 9.350 ]

Por: Michel Angelo da Silva Pereira


Este arquivo de configuração tem o objetivo de habilitar o suporte à criptografia no transporte TLS utilizando certificados SSL criados pelo usuário.


# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp"
# for normal/anonymous operation.

ServerName                      "Nome do seu Servidor"
ServerType                      standalone
ServerAdmin                     [email protected]
ServerIdent                     off
DefaultServer                   on
RequireValidShell               off
DefaultRoot                     ~
AllowLogSymlinks                on
IdentLookups                    off
UseReverseDNS                   off

# Port 21 is the standard FTP port.
Port                            21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    60

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nogroup

# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off

SystemLog                       /var/log/proftpd.log
TransferLog                     /var/log/xferlog

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite                on
</Directory>

# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
  RequireValidShell             off
  User                          ftp
  Group                         ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients                    50

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

</Anonymous>

<IfModule mod_tls.c>
        TLSEngine off
        TLSLog /var/log/proftpd-tls.log
        TLSProtocol TLSv1

        # Are clients required to use FTP over TLS when talking to this server?
        TLSRequired on

        # Server's certificate
        TLSRSACertificateFile /etc/ssl/server.crt
        TLSRSACertificateKeyFile /etc/ssl/server.key.unsecure

        # CA the server trusts
        TLSCACertificateFile /etc/ssl/ca.crt

        # Authenticate clients that want to use FTP over TLS?
        TLSVerifyClient off
</IfModule>
  


Comentários
[1] Comentário enviado por Marcus-RJ em 13/07/2006 - 08:06h

Estou precisando do ssl para utilizar o Gaim no Suse 9.3, será que este vai conseguir quebrar meu galho?
Desde já agradeço pela sua colaboração!!!


Contribuir com comentário