On Tue, Jun 28, 2005 at 04:48:46PM -0500, Randal Anders wrote:
> Seems like everything is OK, at least I can see that AUTH TLS and the
> certificates are being used. Is this the correct mode of operations?
Yes.
> If
> so, I should probably tell the owner of the target server that he does not
> have the ftps protocol set up as he thinks he does (that's how I got on
> this path in the first place).
It is a misundertanding of the word ftps. In fact you _did_ use secure ftp
connection, but it was explicitly established in ftp protocol. lftp uses
the protocol ftps as designation of implicit secure connection setup.
> I assume that these features in the conf file are OK, are there any I
> should remove?
They are ok. You can also add:
set ftp:ssl-force yes
to disable connecting without ssl.
> ## Set FTP to negotiate SSL connection
> set ftp:ssl-allow true
> set ssl:ca-file /usr/local/ssl/certs/Equifax.pem
> #set ssl:verify-certificate true
Why did you comment out this line? Were there any problems with it?
> set ftp:ssl-protect-data true
> #set cmd:default-protocol ftps
> set ssl:key-file /usr/local/ssl/certs/privkey.pem
> set ftp:passive-mode false
> set use-feat off
--
Alexander.
