| Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
10-29-2004, 11:23 AM
|
#1
|
|
LQ Newbie
Registered: Oct 2004
Posts: 6
Rep:
|
vsFTPd - SSL connection and dynamic SSL ports
Hi all,
at the moment I have successfully configured my vsFTPd with an SSL connection.
My problem is that I can access it only on the local network by invoking 192.168.123.252, but when I want to access it from outside with mydomain.com:21 the connection begins but no files appear in the listing...
As I have seen, the SSL connection takes a random port to negotiate encryption, sometimes 45699, sometimes another, but never the same.
So I cannot configure my router to forward these ports because they are dynamic!
So the question is:
Is there a way to configure vsFTPd or OpenSSL to always use the same SSL port???
In this way I will be able to program my router for port forwarding and I suppose my problem will be solved.
I use vsFTPD 2.02 (pre-release) but also have the same problem on 2.01.
Thanks all
|
|
|
|
10-29-2004, 12:24 PM
|
#2
|
|
Member
Registered: Jan 2004
Posts: 409
Rep:
|
What is the default port for the ftp-ssl service?
|
|
|
|
10-29-2004, 02:23 PM
|
#3
|
|
LQ Newbie
Registered: Oct 2004
Posts: 6
Original Poster
Rep:
|
Don't know
I don't know... but I would like to know
|
|
|
|
10-30-2004, 03:51 AM
|
#4
|
|
Member
Registered: Jan 2004
Posts: 409
Rep:
|
Is there any option in the vsftpd.conf for changing the default port or not?
|
|
|
|
10-31-2004, 03:43 AM
|
#5
|
|
LQ Newbie
Registered: Oct 2004
Posts: 6
Original Poster
Rep:
|
No
No, I did not find anything...
|
|
|
|
11-06-2004, 06:58 AM
|
#6
|
|
LQ Newbie
Registered: Oct 2004
Posts: 6
Original Poster
Rep:
|
Found solution!!!
For those who are interested in the solution:
You just have to set this:
pasv_min_port=15000
pasv_max_port=15000
Open the port 15000 on your router (NAT/Firewall) and that's all!
PS: You have to set your client in "passive" mode...
|
|
|
|
11-06-2004, 07:03 AM
|
#7
|
|
Member
Registered: Jan 2004
Posts: 409
Rep:
|
Well, the port you have to open on the server's firewall is 15000?
|
|
|
|
11-06-2004, 07:12 AM
|
#8
|
|
LQ Newbie
Registered: Oct 2004
Posts: 6
Original Poster
Rep:
|
Yes
Yes, if you define
pasv_min_port=15000
pasv_max_port=15000
you have to forward port 15000 in your router.
If
pasv_min_port=42563
pasv_max_port=42563
you have to forward port 42563 in your router, and so on...
Or, as another example, you can define a range:
pasv_min_port=15000
pasv_max_port=15005
You have to forward ports 15000 to 15005 in your router.
The only important thing is that the port number must be > 1024.
To summarize, the SSL connection is done with the "passive" port of a normal connection.
Note:
If you define only one port like I have done, you will be able to connect several clients at the same time through this single port, no need to open one port per client!
So now my client connects to mydomain:21 and SSL encryption is done through port 15000.
My router forwards ports 21/15000 to my server 192.168.1.254.
I also use WebDrive for the connection, which works great!!!
Webdrive
http://www.southrivertech.com/images/wd/mapdesktop.gif
Last edited by toxoplasme; 11-06-2004 at 07:15 AM.
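An added example, not part of the original thread: a shell function that reads a vsftpd.conf and reports the control port and passive range the router must forward, rejecting a configuration where either bound is left at vsftpd's default of 0 (use any port). The function names and the sample configuration are constructed for illustration, and the "last occurrence wins" handling of a repeated key is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): report which TCP ports a NAT router
# must forward for a vsftpd server that uses SSL/TLS and passive mode.

# conf_get FILE KEY DEFAULT: print the last KEY=value in FILE, else DEFAULT.
# Assumption: when a key is repeated, the last occurrence wins.
conf_get() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r')
    printf '%s\n' "${val:-$3}"
}

# pasv_forward_ports FILE: print "CONTROL MIN-MAX" and return 0 when the
# passive range is fixed; otherwise print the reason to stderr and return 1.
pasv_forward_ports() {
    ctl=$(conf_get "$1" listen_port 21)
    min=$(conf_get "$1" pasv_min_port 0)
    max=$(conf_get "$1" pasv_max_port 0)
    case "$ctl$min$max" in
        *[!0-9]*) echo "non-numeric port value" >&2; return 1 ;;
    esac
    # 0 is vsftpd's default for both bounds and means "use any port".
    if [ "$min" -eq 0 ] || [ "$max" -eq 0 ]; then
        echo "passive range not fixed (min=$min max=$max)" >&2; return 1
    fi
    # The thread's advice: stay above the privileged ports.
    if [ "$min" -le 1024 ] || [ "$max" -gt 65535 ] || [ "$min" -gt "$max" ]; then
        echo "bad passive range $min-$max" >&2; return 1
    fi
    echo "$ctl $min-$max"
}

# Constructed sample configuration, written to a temporary file for the demo.
demo=$(mktemp)
cat > "$demo" <<'EOF'
# constructed sample vsftpd.conf
ssl_enable=YES
pasv_enable=YES
pasv_min_port=15000
pasv_max_port=15005
EOF
pasv_forward_ports "$demo"
rm -f "$demo"
```

A narrow range keeps the number of forwarded ports on the router small; every port in the reported range must be forwarded to the server along with the control port.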
|
|
|
|
11-06-2004, 01:02 PM
|
#9
|
|
Member
Registered: Jan 2004
Posts: 409
Rep:
|
Well, can any of the ordinary ftp clients connect to the ftp-ssl (like ftp alone)?
|
|
|
|
08-22-2008, 10:37 PM
|
#10
|
|
Member
Registered: Jul 2006
Posts: 222
Rep:
|
In Red Hat, look for the etc/services file... that is the list of available ports.
|
|
|
|
08-22-2008, 10:42 PM
|
#11
|
|
Guru
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678
Rep: 
|
Why did you post that on a 4 year old thread?
That isn't what /etc/services is in any case
|
|
|
|
08-22-2008, 10:50 PM
|
#12
|
|
Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
And on that note, I'm zapping this zombie thread.
I'm also filing it away in Server, as it wasn't ever a security issue.
Last edited by win32sux; 08-22-2008 at 10:57 PM.
|
|
|
|
All times are GMT -5. The time now is 07:22 PM.