
Date:  Wed, 28 May 2008 21:57:28 +0200
From:  Michael Stauber <bq (at mark) solarspeed.net>
Subject:  [coba-e:13108] Re: FTP - TLS/SSL Support? - Answer
To:  coba-e (at mark) bluequartz.org
Message-Id:  <200805282157.28844.bq (at mark) solarspeed.net>
In-Reply-To:  <032401c8c05c$09220d90$0569a8c0@WORK1>
References:  <65BFD6BC-93A9-4CC1-92C7-CD1B7092C90B (at mark) mfc.bakkers.gr.jp> <00ca01c8bd3b$8064f800$0569a8c0 (at mark) WORK1> <032401c8c05c$09220d90$0569a8c0 (at mark) WORK1>
X-Mail-Count: 13108

Hi Jim, hi Dan,

Jim wrote:
> Well, I had no takers to help me figure this out so I played around today
> and figured out how to add SSL/TLS support to the built-in proftpd server.
> For those interested in the instructions, I created a blog which I will 
> begin to add these types of things to. You can find my first how-to here.
>
> http://coding.infoconex.com/post/BlueQuartz-enabling-SSLTLS-Support.aspx
>
> Please let me know if you find anything wrong with the instructions.

That's indeed pretty slick. I'll try it out on a test box and will see if I 
can hack it into base-ftp as an official part of BlueQuartz. Good work, Jim!

Dan wrote:
> 1) Instead of creating your own certificate why not just use the same 
> one as the GUI/sendmail/dovecot uses?  It took some hunting around for 
> the correct files but this looks like it works...
> 
> TLSRSACertificateFile /etc/admserv/certs/certificate
> TLSRSACertificateKeyFile /etc/admserv/certs/key

That's also a good suggestion, as it cuts down on the number of certs you have 
to install in various places. If FTP works with the GUI certificate (and I 
guess it does), then this is probably the way to go.

Dan wrote:
> 2) In the past I have edited proftpd.conf and my changes have been 
> overwritten.  Admittedly this was years ago so things have probably 
> changed now but can someone confirm that changes to proftpd.conf will 
> no longer be lost?

There is a constructor that generates the proftpd.conf when BlueQuartz is 
initialized on first start of CCEd.init (after the install, for example). And 
there is also one handler that rewrites proftpd.conf when you add/remove 
sites. To be on the safe side of things here, those constructors and handlers 
in base-ftp need to be checked and fixed to make sure that this change 
doesn't get dropped or cause conflicts. I'll take care of that and will 
submit the updates to SVN. But as I'm a bit busy at the moment, this may take 
a few days.

-- 
With best regards,

Michael Stauber
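
Added example (not part of the original message or of BlueQuartz): a shell check that reports whether the TLS directives discussed above are still present after proftpd.conf has been regenerated. `TLSEngine` is a mod_tls directive not named in the thread, and the function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# check_tls_directives FILE
# Prints one line per problem and returns 0 only when every directive is set.
check_tls_directives() {
    conf=$1
    rc=0
    for d in TLSEngine TLSRSACertificateFile TLSRSACertificateKeyFile; do
        # The directive must be the first word on a line and carry a value;
        # lines commented out with "#" therefore never match.
        if ! grep -Eq "^[[:space:]]*${d}[[:space:]]+[^[:space:]]" "$conf"; then
            echo "missing: $d"
            rc=1
        fi
    done
    # A present but switched-off engine is as bad as a missing one.
    if grep -Eq '^[[:space:]]*TLSEngine[[:space:]]+[Oo]ff' "$conf"; then
        echo "disabled: TLSEngine"
        rc=1
    fi
    return $rc
}

# Constructed sample: a config carrying the TLS block, using the
# certificate paths Dan quotes in the thread.
make_sample_with_tls() {
    cat > "$1" <<'EOF'
ServerName "ProFTPD"
<IfModule mod_tls.c>
  TLSEngine on
  TLSRSACertificateFile /etc/admserv/certs/certificate
  TLSRSACertificateKeyFile /etc/admserv/certs/key
</IfModule>
EOF
}

# Constructed sample (assumption): a rewritten file in which the TLS block
# was dropped and only a commented-out remnant is left.
make_sample_regenerated() {
    cat > "$1" <<'EOF'
ServerName "ProFTPD"
# TLSEngine on
EOF
}

# Stand-alone use: pass the path of the live proftpd.conf as the argument.
if [ -n "${1:-}" ]; then
    check_tls_directives "$1"
fi
```

Running it against the live file after adding or removing a site shows whether the rewrite kept the TLS settings.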