Implicit SSL
Due to the number of steps required setting up a secure FTP server is relatively difficult because of this I have split this over two pages. The procedure is incremental first create a server certificate ensure it runs on a local network and finally configure for Internet access.
Server certificate
FileZilla has a built in certificate generator making this process very easy.
Enable SSL support:
1. Start the server by double clicking on filezila_start.bat
2. Start the administration interface, double click on filezilla_admin.bat
3. Select Edit > Settings
4. From the left menu clcik on SSL/TLS settings A)
5. Check Enable SSL/TSL support B)
6. Default Allow explicit SSL/TLS on normal connections C)
7. Checks Force explicit SSL/TLS D)
8. Default Listen for SSL/TLS –only connections on port 990 E)
9. Click Generate new certificate F)
Note: No need to fill in Private key or Certificate files or Key password boxes.
Fill in certificate details:
11. Seclect Key size 4096bit G)
12. Insert 2-Digit country code H)
13. Fill in some real or dummy information a)-f)
14. Fill in Common name I) Use localhost or your real domain name
15. Use browse J) and navigate to folder *\udrive\filezilla_server
this is where the certificate will be saved.
16. Click Generate certificate K) this will take a while.
17. When complete click OK L)
Enable user to use SSL:
18. From admin select Edit > Users
19. Select a user account M)
20. Check Bypass N)
21. Check Force SSL for user login O)
22. Click OK P)
23. Restart server
Client
I am assuming your are using FireFox and FireFTP
1. Enter a host R) either use IP address 127.0.0.1 or host name localhost
2. Enter an Account name Q) Can be anything you like.
3. Enter login name S) e.g fred (ftp user name)
4. Enter password T) for fred (ftp user account password)
5. Click on Connection tab U)
6. From the drop down menu V) select Implicit SSL (Good)
7. Check the port number 990 is set W)
8. Finally click OK X)
Local test:
From FireFTP click the Connect button enter name an password.
Your browser will have a whinge, create a certificate exception.
FTP folder will display.
Local network test:
On another PC connected to your network repeat the above steps 1-11.
Note: At step 1 enter your PC’s IP address. (See previous page how to obtain IP address)
That confirms you can access the FTP server across your network.
Source : http://wiki.uniformserver.com
Tidak ada komentar:
Posting Komentar