Hi, What distribution you are using? We have SLES9 on zLinux running pure-ftpd and have it configured for only SSL/TLS connections.
Regards, Jose -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Fred Schmidt Sent: Friday, June 13, 2008 2:29 AM To: [email protected] Subject: FTPS with SSL/TLS and Clear Command Channel Gidday, <NB: cross-posted to IBM-VM listserver> We're looking to implement FTPS with certificates and SSL/TLS. We've tried z/OS but it would appear that the server refuses to process Clear Command Channel commands. So now we're looking for alternatives such as under z/VM or z/Linux. It seems that many FTPS servers under Linux are RFC 4217 compliant. RFC 4217 (at http://tools.ietf.org/html/rfc4217#page-25) states... 15.3. Issues with the CCC Command Using the CCC command can create security issues. For a full description, see the "CLEAR COMMAND CHANNEL (CCC)" section of [RFC-2228]. Clients should not assume that a server will allow the CCC command to be processed. Server implementations may wish to refuse to process the CCC command on a session that has not passed through some form of client authentication (e.g., TLS client auth or FTP USER/PASS). This can prevent anonymous clients from repeatedly requesting AUTH TLS followed by CCC to tie up resources on the server. Can anyone advise whether there are packages available for z/Linux that will allow CCC to be used, eg vsftpd? We are SUSE SLES 10.1, if that matters. Regards, Fred Schmidt Department of Corporate and Information Services (DCIS) Data Centre Services (DCS) Northern Territory Government, Australia ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ----------------------------------------- *************************Attention************************* This electronic message, including any attachments, contains information that may be legally confidential and/or privileged. The information is intended solely for the individual or entity named above and access by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error and delete it from your system. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
