LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   proftpd asks for rsa key everytime, can it be done automatically? (https://www.linuxquestions.org/questions/linux-general-1/proftpd-asks-for-rsa-key-everytime-can-it-be-done-automatically-446471/)

GUIPenguin 05-19-2006 12:49 PM
proftpd asks for rsa key everytime, can it be done automatically?
 
Here is my proftpd.conf file: how do I make it so it doesn't ask for my cert passphrase each time the deamon starts? I remember reading a while ago on a way so it does it automatically...but forget where I saw it. Thanks.

Code:
ServerName "Gentoo FTP"
ServerType standalone
DeferWelcome off
DefaultServer on
AuthPAM off
AuthPAMConfig ftp

Port 666

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.

Umask 022

MaxInstances 30

# Set the user and group under which the server will run.

User nobody
Group nobody

# Normally, we want files to be overwriteable.
<Directory />
AllowOverwrite on
</Directory>



# chroot for all users of the group ftpuser
DefaultRoot ~ ftpuser

# grant login only for members of the group
<Limit LOGIN>
DenyGroup !ftpuser
</Limit>

# disable root login and require a valid shell (from /etc/shells)
<Global>
RootLogin off
RequireValidShell on
</Global>

UseReverseDNS off
IdentLookups off

# Logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"

# logging

# every login
ExtendedLog /var/log/ftp_auth.log AUTH auth

# file/dir access
ExtendedLog /var/log/ftp_access.log WRITE,READ write


<IfModule mod_tls.c>
TLSEngine on
TLSLog /opt/var/proftpd/tls.log
TLSProtocol TLSv1

# Clients are required to use FTP over TLS when talking to this server
# off = clients can connect using insecure FTP or secure FTP/SSL
# on = clients can only connect using secure FTP/SSL
TLSRequired on

# Server's certificate
TLSRSACertificateFile /opt/etc/ftpd/server.crt
TLSRSACertificateKeyFile /opt/etc/ftpd/server.key

# CA the server trusts
TLSCACertificateFile /opt/etc/ftpd/ca.crt

# Authenticate clients that want to use FTP over TLS
# off = client SSL certificates are not requried
# on = client SSL certificates are required
TLSVerifyClient off
</IfModule>
EDIT: (SOLVED)

1. Remove the encryption from the RSA private key (while preserving the original file):

$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key

2. Make sure the server.key file is now only readable by root:

$ chmod 400 server.key


All times are GMT -5. The time now is 11:29 PM.