On Aug 24, 2009, at 11:19, MacIntyre, Ross A wrote:
Can someone tell me where I can get ftps, or how to enable another
piece of software to use the ftps protocol? (Looking about I see
that lftp is already on the machine[as is sftp] and the man page for
lftp says that it supports the ftps protocol if it is compiled with
the openssl library)
Yes, either OpenSSL or GnuTLS will do.
The current Fedora packages of lftp are built with GnuTLS, I'd assume
RHEL is the same.
If the server advertises TLS support, lftp will use it automatically
by default.
You can force ssl support so that lftp doesn't try logging on if it's
not available:
set ftp:ssl-force true
When it's not working, it will output an error message:
Login failed: ftp:ssl-force is set and server does not support or
allow SSL
You should also check out "man lftp" regarding the other ftp:ssl and
ssl: options.
In particular, you'll probably want to use "ssl:ca-file" and
"ssl:verify-certificate" options to properly verify the ssl
certificate on connection, to make sure that it's really your server
lftp is sending the password to. The encryption on its own doesn't
help much if you're communicating with a hijacked decoy server run by
a bad guy. :)
