kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

use a working FTP/TLS configuration

This commit is contained in:
Antoine Beaupré 2008-10-14 23:14:42 +00:00
parent 207d3957f8
commit a07518c00a
1 changed files with 26 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
etc/alternc/templates/proftpd/proftpd.conf
View File

@ -41,16 +41,12 @@ User nobody
Group nogroup Group nogroup
RequireValidShell off RequireValidShell off
TLSRSACertificateKeyFile /etc/apache-ssl/apache.pem
TLSRSACertificateFile /etc/apache-ssl/apache.pem
TLSEngine on
# Use the IANA registered ephemeral port range # Use the IANA registered ephemeral port range
# If you have a firewall, you should open this portrange # If you have a firewall, you should open this portrange
# (or change it) # (or change it)
# since ip_conntrack_ftp cannot decrypt TLS session. # since ip_conntrack_ftp cannot decrypt TLS session.
PassivePorts 49152 65534 PassivePorts 49152 65534
<Directory /*> <Directory /*>
DenyAll DenyAll
</Directory> </Directory>
@ -97,3 +93,29 @@ DirFakeUser on ~
</Limit> </Limit>
UseIPv6 off UseIPv6 off
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired off
# Server's certificate
TLSRSACertificateFile /etc/alternc/apache.pem
# TLSRSACertificateKeyFile /etc/ftpd/server.key.pem
# CA the server trusts
# TLSCACertificateFile /etc/ftpd/root.cert.pem
# Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations. Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
TLSRenegotiate required off
</IfModule>