Log for adding tls support in ure-ftp in FreeBSD :
>>>>================= Make directory for certificate
edp# mkdir -p /etc/ssl/private
>>>>================= Make certificate
edp# openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
Generating a 1024 bit RSA private key
……..++++++
……++++++
writing new private key to ‘/etc/ssl/private/pure-ftpd.pem’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Sumsel
Locality Name (eg, city) []:Palembang
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PalComTech
Organizational Unit Name (eg, section) []:STMIK/POLTEK PalComTech
Common Name (eg, YOUR name) []:PalComTech
Email Address []:[email protected]
>>>>================= chmod 600 certificate
edp# chmod 600 /etc/ssl/private/*.pem
>>>>================= Restart FTP Server
edp# /usr/local/etc/rc.d/pure-ftpd restart
==========================================================================================
Running: /usr/local/sbin/pure-ftpd -A -c50 -B -C8 -D -fftp -H -I15 -L2000:8 -m4 -s -U133:022 -u100 -k99 -Z –Y2
Y2 => TLS level 2
Testing from ftp client :
20———- Welcome to Pure-FTPd [TLS] ———-
AUTH TLS
234 AUTH TLS OK.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) – 256 bit
USER palcom
331 User palcom OK. Password required
PASS **********
230-User palcom has group access to: palcom
230 OK. Current restricted directory is /
Good 🙂