# vsFTPd 2?!?!!??!!

## jani80k

Hi!

vsFTPd is my favourite FTP Server. I use it whenever i need an FTPd. It performs great and its speed hasn´t been equalled - at least from what I have experienced. Actually, the only thing i didn´t like so much about vsFTPd was, that it didn´t support secure logins. I was quite happy, to hear, that SSL would be a part of vsFTPd 2. As you can see here, vsFTPd 2 is out for quite some time now, but it still hasn´t made it to portage yet...

Does anyone know why?

(I know there's an ebuild for vsFTPd-2.0.2-pre1 on bugs.gentoo.org)

----------

## anybody

Hi jani80k,

i have no idea why it isn't in yet.

I did however try the ebuild for 2.0.2pre2 from the bug...

I was wondering if you were able to get ssl/tls encryption to work with those vsftpd version, because i allways get a

OOPS: SSL: cannot load RSA key

even though the RSA key is right where it belongs.

Yours sincerely,

                   anybody

----------

## BlinkEye

yeah, get that error too, but i haven't placed yet any RSA key in the corresponding folder  :Wink: 

----------

## anybody

I finally solved the problem with the help of someone @ freshmeat.net:

His Post can be found here: http://freshmeat.net/projects/vsftpd/

And the important stuff from it is the following:

SSL with vsftpd by John Newton - Aug 27th 2004 13:21:18

Cert file needs to include the private key in the same file.

(1) Generatation of private key: openssl genrsa -out vsftpd_key.pem 1024

(2) Generatation of Cert: openssl req -new -x509 -key vsftpd_key.pem -out vsftpd_cert.pem

(3) Combining: cat vsftpd_key.pem >> vsftpd_cert.pem

(4) Entry in vsftpd.conf: rsa_cert_file=/path/to/cert/vsftpd_cert.pem

----------

## BlinkEye

great. thanks for this little howto. i'm just about trying it out

----------

## Raw Kuts

thanks for the help, it all seems to be working. no more IE users on my ftp now   :Twisted Evil: 

----------

## anybody

Oh, by the way:

Since i upgraded to v2.0.2_pre2 my clients get timeouts when downloading stuff from the ftp . This also happens locally and does not seem to happen after X Megabyte, but only after some time (~ 5 minutes?) has passed.

After reconnecting, transferring will work fine for another 5 minutes - and so on and so on.

All in all it requires a few hundred reconnects to download a large file  :Smile: 

Has anyone else noticed this problem ?

I have so far only tried FileZilla as FTP client - but i somehow doubt that it's the clients fault...

Yours sincerely,

          Anybody

----------

## Inte

 *anybody wrote:*   

> Cert file needs to include the private key in the same file.
> 
> (1) Generatation of private key: openssl genrsa -out vsftpd_key.pem 1024
> 
> (2) Generatation of Cert: openssl req -new -x509 -key vsftpd_key.pem -out vsftpd_cert.pem
> ...

 

Thanks for the little HowTo, but gFTP can't connect because of this failure:

```
Error 18:self signed certificate
```

 *http://gftp.seul.org/faq.html#AEN179 wrote:*   

> Chapter 5. SSL Issues
> 
> 5.1. When using the FTPS or HTTPS protocol, gFTP cannot connect if the remote server uses a self signed certificate.
> 
> You must add the public key of your self signed CA to your OpenSSL certs directory. On my Debian box, the OpenSSL certs are installed in /usr/lib/ssl/certs.

 

Any suggestions?

----------

