Hello...
I am currently running the following:
Hardware -- Soyo MB (Via north and south bridges) / AMD Athlon XP Barton 3200 / 2 GB Corsair PC3200 DDR184 / Couple hundred gigs of WD ATA-100 RE drives over regular EIDE(PATA). [my home server which broadcasts over WAN and LAN]
Software -- Fedora Core 5 / Apache 2.2.2 (Perl 5.8.? / Open SSL 0.97 / Open SSH v.?.? / PHP 5) / Sendmail with Dovecot, F-Prot, and SpamAssassin / ProFTPD with a security certificate (RSA key file + cert file) generated by the previously mentioned Open SSL 0.97 (I believe revision a).
All in all, the rig runs great, and I'm very happy so far (I'll be upgrading hardware in bits and pieces, but for now I'm just happy that I finally got linux going good). I can do everything I used to do with Windows Server 2003 --- and more.
PROBLEM --- ok, so I had proftpd setup to allow ONLY TLS/SSL logins and TLS/SSL encrypted transmissions. This seems to work fine with Windows Clients like Filezilla / CuteFTP-Pro / and a couple others. However, when I tried to use Linux's gFTP Client (setup in "FTPS" mode, which is I believe the correct mode), the Client would login securely... go through some hub-bub-stuff... and then just before it would give me a directory listing it would say...
"issuing command PROT C"
.... [about 30 seconds go by]...
"command refused, connection dropped by host"
or something to that effect.
My research has told me that the CAUSE is this... the command PROT defines protection, with one of hte two following switches: PROT -P = encrypted, and PROT -C = clear (unencrypted). So proftpd was setup to ONLY do encrypted stuff, and therefore it dumped the connection.
So I figured "well, I'll disable the command to only allow encryption, and then maybe it'll do what I want it to."
Nope -- Client logs in SECURELY and then all transfers are INSECURE. That's a no-no.
So my question is ... has anyone found a way of dealing with this? Perhaps editing gFTP's config (in a way I have yet to discover) to tell it NOT to issue PROT C commands? Or a way to tell proftpd that if it receives a PROT C command that it would reply with a counter-command that forces the client to remain in encrypted mode?
I am at a loss... any help would be more than greatly appreciated, as this is the last key (pun intended) in having my "perfect" Linux software server, and I've been at it for a month with no luck.
Regards
-Vince Spinelli
vince@spinellicreations.com
University at Buffalo