From owner-freebsd-questions  Sun Oct  6 14:52:18 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9D84D37B401
	for <freebsd-questions@FreeBSD.ORG>; Sun,  6 Oct 2002 14:52:17 -0700 (PDT)
Received: from zoon.lafn.org (zoon.lafn.org [206.117.18.9])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 248E143E4A
	for <freebsd-questions@FreeBSD.ORG>; Sun,  6 Oct 2002 14:52:17 -0700 (PDT)
	(envelope-from bc979@lafn.org)
Received: from lafn.org (66-81-22-208-modem.o1.com [66.81.22.208])
	by zoon.lafn.org (8.12.3/8.11.3) with ESMTP id g96LqEBU023217;
	Sun, 6 Oct 2002 14:52:15 -0700 (PDT)
	(envelope-from bc979@lafn.org)
Date: Sun, 6 Oct 2002 14:52:16 -0700
Subject: Re: Secure FTPd
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v546)
Cc: freebsd-questions@FreeBSD.ORG
To: Socketd <db@traceroute.dk>
From: Doug Hardie <bc979@lafn.org>
In-Reply-To: <20021006.17501900.3757511389@rafter.>
Message-Id: <E10FF169-D975-11D6-A2D9-000393681B06@lafn.org>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.546)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Sunday, Oct 6, 2002, at 10:50 US/Pacific, Socketd wrote:
> I have read about adding SSL support to ftpd, but I can't remember 
> where
> I read it. I am running a ftp server using the ftpd in the base system
> and now I want to only allow encrypted ftp connections. What should I 
> do?
> Use /usr/ports/security/stunnel, to make universal SSL support to POP3,
> IMAP and FTP? Or is there a better way? (I don't want to use ssh's 
> ftpd).
>
> Can I also use SSL with SMTP? I read that it was done once, but people
> don't use it anymore?

The problem with adding SSL to ftpd is the clients.  You would have to 
create an ftp client with SSL added also.  ssh's sftp has that 
capability and there are 2 generally available clients - sftp and scp.  
I believe there are clients for most computers.

qpopper provides SSL for POP3 which works with most of the common mail 
clients.  You may have to provide a popper port for both 110 and 995 in 
order to pick up both the older and newer clients.  I have had to 
provide both.

SSL can be used with sendmail.  There is a lot of information available 
at www.sendmail.org.  I have not tried that yet.  Its on the list of 
things to do someday.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message