lftp uses encrypted connection automatically when it is available. The need to set ssl:verify-certificate arises because of an invalid server certificate. The connection is still encrypted, but not as secure as it could be (man in the middle attack may be possible). If you do not control the server, there is little you can do to improve security.
To verify the connection security, you can turn on debug in lftp and see the SSL/TLS negotiation and server's certificate information. 2015-11-19 5:13 GMT+03:00 Steven Dennis <nzdreame...@gmail.com>: > Hello, > > I'm new to lftp (and Linux). I have been able to connect to remote server > and use some simple commands (mirror) to get files down from the server. > > The problem is that when I connect to my server, I need to issue the set > ssl:verify-certificate no before I start otherwise I cannot issue any > commands to get the server to do anything. > > I would like to set up a secure connection (send all data encrypted), but > am unsure how to do this. The different protocols and ways to do this is > quite confusing. I know that the server issues AUTH TLS when I connect. > Could someone hold my hand to help me connect correctly using an encrypted > protocol using lftp? > > Thanks > > > > _______________________________________________ > lftp mailing list > lftp@uniyar.ac.ru > http://univ.uniyar.ac.ru/mailman/listinfo/lftp > > -- Alexander.
_______________________________________________ lftp mailing list lftp@uniyar.ac.ru http://univ.uniyar.ac.ru/mailman/listinfo/lftp
