secure ftp

Hi folks,

since NW6SP4 the ftp server supports secure ftp.
Does anyone knows which configuration is necessary to get this running? 
(certificate, port ....)
I can establish an unencrypted connection but if I configure SSL on the 
ftp client this doesn't works.

Any ideas are welcome
Thanks Wolfgang Becher

-- 
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
0
Wolfgang
2/13/2004 10:36:58 AM
novell.netware.6x.storage 4914 articles. 1 followers. Follow

10 Replies
539 Views

Similar Articles

[PageSpeed] 39

Wolfgang Becher wrote:
> Hi folks,
> 
> since NW6SP4 the ftp server supports secure ftp.
> Does anyone knows which configuration is necessary to get this running? 
> (certificate, port ....)
> I can establish an unencrypted connection but if I configure SSL on the 
> ftp client this doesn't works.

What error do you get?  I just upgraded to sp4 and ssl seems to work for 
me (using bsdftpd-ssl http://bsdftpd-ssl.sc.ru/ ):

(dan.9) /home/dan> ftps -z secure novell1
Connected to novell1.
220 Service Ready for new User
Name (novell1:dan): dnelson
234 Enabling SSL
[TLSv1/SSLv3, cipher DES-CBC3-SHA, 168 bits]
331 Password Needed for Login
Password:
230 User dnelson Logged in Successfully
200 Protection Buffer Size set. PBSZ=0
200 Protection Level is set
TLS/SSL protection of data connections on.
Remote system type is NETWARE.
ftps> _


-- 
	Dan Nelson
	dnelson@allantgroup.com
0
Dan
2/16/2004 5:47:26 PM
Hi Dan,

we tried this with "smartftp" and I get an error-message "no connection".
"This is a little bit more information as we need" :-((

I've configured nothing on the server side, is this ok?
I think I should tell the ftp server that him is running secure ftp and 
which certificate should use ?
Maybee I'm wrong?

We did an update from SP3 to SP4, equivalent the ldap-SSL configuration I 
should configure the certificate for the ftp server. Did you these?

kind regards
Wolfgang Becher


On Mon, 16 Feb 2004 17:47:26 GMT, Dan Nelson <dnelson@allantgroup.com> 
wrote:

> Wolfgang Becher wrote:
>> Hi folks,
>>
>> since NW6SP4 the ftp server supports secure ftp.
>> Does anyone knows which configuration is necessary to get this running? 
>> (certificate, port ....)
>> I can establish an unencrypted connection but if I configure SSL on the 
>> ftp client this doesn't works.
>
> What error do you get?  I just upgraded to sp4 and ssl seems to work for 
> me (using bsdftpd-ssl http://bsdftpd-ssl.sc.ru/ ):
>
> (dan.9) /home/dan> ftps -z secure novell1
> Connected to novell1.
> 220 Service Ready for new User
> Name (novell1:dan): dnelson
> 234 Enabling SSL
> [TLSv1/SSLv3, cipher DES-CBC3-SHA, 168 bits]
> 331 Password Needed for Login
> Password:
> 230 User dnelson Logged in Successfully
> 200 Protection Buffer Size set. PBSZ=0
> 200 Protection Level is set
> TLS/SSL protection of data connections on.
> Remote system type is NETWARE.
> ftps> _
>
>



-- 
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
0
Wolfgang
2/17/2004 12:56:48 PM
Wolfgang Becher wrote:
> we tried this with "smartftp" and I get an error-message "no connection". 
> "This is a little bit more information as we need" :-((
> 
> I've configured nothing on the server side, is this ok? 
> I think I should tell the ftp server that him is running secure ftp and  
> which certificate should use ? 
> Maybee I'm wrong?
> 
> We did an update from SP3 to SP4, equivalent the ldap-SSL configuration 
> I should configure the certificate for the ftp server. Did you these?

No; all I did was install SP4.  I don't know where you would configure 
an SSL certificate anyway.  There's nothing in the web interface or 
ftpserv.cfg referring to ssl security.

Try this to see if your nwftpd supports SSL.  Run "telnet novell1 ftp" 
from a cmd.exe window, and enter "AUTH TLS".  If you get a "234 Enabling 
SSL" message back, it's supported.

I downloaded smartftp, and it looks like you need to select the "FTP 
over SSL (explicit)" option.  I could log into my server with SSL 
encryption this way.

-- 
	Dan Nelson
	dnelson@allantgroup.com
0
Dan
2/19/2004 10:17:38 PM
> I downloaded smartftp, and it looks like you need to select the "FTP
> over SSL (explicit)" option.  I could log into my server with SSL
> encryption this way.

Dan,

Are you able to successfully upload files to the server using encryption.  I
am able to connect to my ftp server using SSL and am able to perform other
functions, I just cannot upload files.  It sends the file, but the I get a
message saying the server timed out.  I am also using smartftp.

Thanks,
David


0
David
2/19/2004 10:28:04 PM
David wrote:
>>I downloaded smartftp, and it looks like you need to select the "FTP
>>over SSL (explicit)" option.  I could log into my server with SSL
>>encryption this way.
> 
> Are you able to successfully upload files to the server using encryption.  I
> am able to connect to my ftp server using SSL and am able to perform other
> functions, I just cannot upload files.  It sends the file, but the I get a
> message saying the server timed out.  I am also using smartftp.

Make sure passive mode is enabled (blue border around the button).  If I 
turn off passive mode, it looks like it tries to connect to 
"repeater.smartftp.com" for some reason, and then times out.  I can 
send/receive files fine with it enabled.


-- 
	Dan Nelson
	dnelson@allantgroup.com
0
Dan
2/23/2004 5:59:55 PM
>  I can
> send/receive files fine with it enabled.

I was also using the passive connection.  So you are able to send a file to
the server using an encrypted data channel?  Did you have to configure the
server or client?

I have copied the log output below when I try to send a file.

Thanks,
David

150 Opening data connection
Connected. Exchanging encryption keys...
Session Cipher: 128 bit RC4
SSL encrypted session established.
20 bytes sent successfully. (20 B/s) (00:00:01).
Connection closed. Server timeout.
PASV


0
DavidM
2/24/2004 1:25:22 AM
DavidM wrote:
>> I can send/receive files fine with it enabled.
> 
> I was also using the passive connection.  So you are able to send a file to 
> the server using an encrypted data channel?  Did you have to configure the 
> server or client?

I can send and receive files fine.  I didn't touch the server's config 
at all, and the only thing I changed on the client was to set "FTP over 
SSL (explicit)" before connecting.

> I have copied the log output below when I try to send a file.
> 
> 150 Opening data connection
> Connected. Exchanging encryption keys...
> Session Cipher: 128 bit RC4
> SSL encrypted session established.
> 20 bytes sent successfully. (20 B/s) (00:00:01).
> Connection closed. Server timeout.
> PASV

This is what I get:

:     TYPE I
: 200 TYPE Command OK I
:     PASV
: 227 Entering Passive Mode (172.16.0.99,15,2)
:     STOR NTLDR
:     Opening data connection IP: 172.16.0.99,15,2 PORT: 3842.
: 150 Opening data connection
:     Connected. Exchanging encryption keys...
:     Session Cipher: 128 bit RC4
:     SSL encrypted session established.
:     233632 bytes sent successfully. (228.16 KB/s) (00:00:01).
: 226 Transfer Complete



-- 
	Dan Nelson
	dnelson@allantgroup.com
0
Dan
2/25/2004 3:13:10 PM
I have the same problem as David. Worked fine with NW5 and NWFTPD9 but
started having the disconnect problem when we went to NW65SP1 using SSL with
both.

"Dan Nelson" <dnelson@allantgroup.com> wrote in message
news:aY2%b.2270$Mw6.2235@prv-forum2.provo.novell.com...
> DavidM wrote:
> >> I can send/receive files fine with it enabled.
> >
> > I was also using the passive connection.  So you are able to send a file
to
> > the server using an encrypted data channel?  Did you have to configure
the
> > server or client?
>
> I can send and receive files fine.  I didn't touch the server's config
> at all, and the only thing I changed on the client was to set "FTP over
> SSL (explicit)" before connecting.
>
> > I have copied the log output below when I try to send a file.
> >
> > 150 Opening data connection
> > Connected. Exchanging encryption keys...
> > Session Cipher: 128 bit RC4
> > SSL encrypted session established.
> > 20 bytes sent successfully. (20 B/s) (00:00:01).
> > Connection closed. Server timeout.
> > PASV
>
> This is what I get:
>
> :     TYPE I
> : 200 TYPE Command OK I
> :     PASV
> : 227 Entering Passive Mode (172.16.0.99,15,2)
> :     STOR NTLDR
> :     Opening data connection IP: 172.16.0.99,15,2 PORT: 3842.
> : 150 Opening data connection
> :     Connected. Exchanging encryption keys...
> :     Session Cipher: 128 bit RC4
> :     SSL encrypted session established.
> :     233632 bytes sent successfully. (228.16 KB/s) (00:00:01).
> : 226 Transfer Complete
>
>
>
> -- 
> Dan Nelson
> dnelson@allantgroup.com


0
Steven
3/3/2004 12:42:12 AM
Steven,

See the thread in the netware 6.x administration forum started on 2/5/04
titled "ssl ftp problem - repost".  Jared Jennings was able to reproduce the
problem and is discussing it with the folks at novell.

"Steven Lim" <s.lim@curtin.edu.au> wrote in message
news:ER91c.7988$Mw6.376@prv-forum2.provo.novell.com...
> I have the same problem as David. Worked fine with NW5 and NWFTPD9 but
> started having the disconnect problem when we went to NW65SP1 using SSL
with
> both.
>
> "Dan Nelson" <dnelson@allantgroup.com> wrote in message
> news:aY2%b.2270$Mw6.2235@prv-forum2.provo.novell.com...
> > DavidM wrote:
> > >> I can send/receive files fine with it enabled.
> > >
> > > I was also using the passive connection.  So you are able to send a
file
> to
> > > the server using an encrypted data channel?  Did you have to configure
> the
> > > server or client?
> >
> > I can send and receive files fine.  I didn't touch the server's config
> > at all, and the only thing I changed on the client was to set "FTP over
> > SSL (explicit)" before connecting.
> >
> > > I have copied the log output below when I try to send a file.
> > >
> > > 150 Opening data connection
> > > Connected. Exchanging encryption keys...
> > > Session Cipher: 128 bit RC4
> > > SSL encrypted session established.
> > > 20 bytes sent successfully. (20 B/s) (00:00:01).
> > > Connection closed. Server timeout.
> > > PASV
> >
> > This is what I get:
> >
> > :     TYPE I
> > : 200 TYPE Command OK I
> > :     PASV
> > : 227 Entering Passive Mode (172.16.0.99,15,2)
> > :     STOR NTLDR
> > :     Opening data connection IP: 172.16.0.99,15,2 PORT: 3842.
> > : 150 Opening data connection
> > :     Connected. Exchanging encryption keys...
> > :     Session Cipher: 128 bit RC4
> > :     SSL encrypted session established.
> > :     233632 bytes sent successfully. (228.16 KB/s) (00:00:01).
> > : 226 Transfer Complete
> >
> >
> >
> > -- 
> > Dan Nelson
> > dnelson@allantgroup.com
>
>


0
DavidM
3/4/2004 2:48:53 AM
Thanks Dave

"DavidM" <mart1347REMOVE@bellsouth.net> wrote in message
news:pOw1c.9499$Mw6.7468@prv-forum2.provo.novell.com...
> Steven,
>
> See the thread in the netware 6.x administration forum started on 2/5/04
> titled "ssl ftp problem - repost".  Jared Jennings was able to reproduce
the
> problem and is discussing it with the folks at novell.
>
> "Steven Lim" <s.lim@curtin.edu.au> wrote in message
> news:ER91c.7988$Mw6.376@prv-forum2.provo.novell.com...
> > I have the same problem as David. Worked fine with NW5 and NWFTPD9 but
> > started having the disconnect problem when we went to NW65SP1 using SSL
> with
> > both.
> >
> > "Dan Nelson" <dnelson@allantgroup.com> wrote in message
> > news:aY2%b.2270$Mw6.2235@prv-forum2.provo.novell.com...
> > > DavidM wrote:
> > > >> I can send/receive files fine with it enabled.
> > > >
> > > > I was also using the passive connection.  So you are able to send a
> file
> > to
> > > > the server using an encrypted data channel?  Did you have to
configure
> > the
> > > > server or client?
> > >
> > > I can send and receive files fine.  I didn't touch the server's config
> > > at all, and the only thing I changed on the client was to set "FTP
over
> > > SSL (explicit)" before connecting.
> > >
> > > > I have copied the log output below when I try to send a file.
> > > >
> > > > 150 Opening data connection
> > > > Connected. Exchanging encryption keys...
> > > > Session Cipher: 128 bit RC4
> > > > SSL encrypted session established.
> > > > 20 bytes sent successfully. (20 B/s) (00:00:01).
> > > > Connection closed. Server timeout.
> > > > PASV
> > >
> > > This is what I get:
> > >
> > > :     TYPE I
> > > : 200 TYPE Command OK I
> > > :     PASV
> > > : 227 Entering Passive Mode (172.16.0.99,15,2)
> > > :     STOR NTLDR
> > > :     Opening data connection IP: 172.16.0.99,15,2 PORT: 3842.
> > > : 150 Opening data connection
> > > :     Connected. Exchanging encryption keys...
> > > :     Session Cipher: 128 bit RC4
> > > :     SSL encrypted session established.
> > > :     233632 bytes sent successfully. (228.16 KB/s) (00:00:01).
> > > : 226 Transfer Complete
> > >
> > >
> > >
> > > -- 
> > > Dan Nelson
> > > dnelson@allantgroup.com
> >
> >
>
>


0
Steven
3/4/2004 6:29:58 AM
Reply:

Similar Artilces:

Netware 6.5 and secure FTP
I'm not sure which group this should go in. So if I am posting in the wrong group, I apologies. Is Netware 6.5 capable of doing FTP/Implicit SSL over port 990? If so, how is this configured? In testing, I have only been able to do SSL over port 21. But I have an app that will only do Implicit SSL on 990. -- daybrite ------------------------------------------------------------------------ On 01/03/2010 17:06, daybrite wrote: > I'm not sure which group this should go in. So if I am posting in the > wrong group, I apologies. Maybe http://forums.nove...

Securing a NetWare 6.5 FTP server....
Hello all.... I have a NetWare 6.5 SP5 FTP server and I am looking into securing the downloads to it. My goals are two-fold: 1. I would like to make it as secure as possible. 2. I would like to make it as easy as possible on my existing users of this FTP server without compromising goal #1. How do I do this? (And, please, speak slowly and assume that I know nothing about setting up an FTP server because I actually know next to nothing. Detailed instructions are encouraged and would be greatly appreciated.) Thanks in advance. Delon E. Weuve Senior Network Engineer ...

Secure FTP Netware 5.1 SP7
I just upgraded one of my servers to 5.1 SP7 from 5.1 SP6 for the sole purpose of having secure FTP. The problem is I have no idea how to get this going. My 5.1 documentation refers to web interfaces to start this service but my company does not allow me to utilize the web interfaces due to possible security issues/concerns. I have another Netware 5.1 SP6 server running my current FTP services (non-secure)and didn't want to disrupt connections. The NWFTPD.NLM doesn't appear to be available on the updated server and am pretty sure the NLM has changed all together. S...

Secure FTP on Netware 5.1 SP7
I just upgraded one of my servers to 5.1 SP7 from 5.1 SP6 for the sole purpose of having secure FTP. The problem is I have no idea how to get this going. My 5.1 documentation refers to web interfaces to start this service but my company does not allow me to utilize the web interfaces due to possible security issues/concerns. I have another Netware 5.1 SP6 server running my current FTP services (non-secure)and didn't want to disrupt connections. The NWFTPD.NLM doesn't appear to be available on the updated server and am pretty sure the NLM has changed all together. S...

Secure FTP Netware 5.1 SP7 #2
I just upgraded one of my servers to 5.1 SP7 from 5.1 SP6 for the sole purpose of having secure FTP. The problem is I have no idea how to get this going. My 5.1 documentation refers to web interfaces to start this service but my company does not allow me to utilize the web interfaces due to possible security issues/concerns. I have another Netware 5.1 SP6 server running my current FTP services (non-secure)and didn't want to disrupt connections. The NWFTPD.NLM doesn't appear to be available on the updated server and am pretty sure the NLM has changed all together. S...

Secure FTP server for NetWare (NLM or JAVA based)
Does anyone know if such a beast exists.....the base ftp server is great, but i need an sftp version and would like to also run on netware if i can. thanks, chip Netware 6.5 has one that is part of openssh I couldn't find any binaries for it but it looks like one is on its way. A search through the documentation for netware 6.5 will tell you some of its features however it seems useless for nw6 right now. if any one else reads will there be a binary that will work with nw6? JH > Does anyone know if such a beast exists.....the base ftp server is great, ...

Security Services 2.0.1 ( and 2.0.2 ) and NetWare FTP
I have problems ( can�t login ) to login to all NetWare FTP servers after installing SS 2.0.1 ( and no change after installing 2.0.2 ). Same problem is with NetWare Screen Saver on NW 6.5 servers. I am not sure about FTP. But I know the scrsaver works. I have servers running edir881 and ss202 and i unlock scrsaver all the time. I am running nw65sp5 > I am not sure about FTP. But I know the scrsaver works. I have servers > running edir881 and ss202 and i unlock scrsaver all the time. I am running > nw65sp5 > Jeff, I�m on eDir 8.7.3.8, there is a problem. D...

Netware FTP vs. OES2L FTP
Guys, running Netware FTP for customers to dump some files via FTP to my NSS volumes. Does this really work exactly the same with OES2 Linux FTP (pure-ftpd) ? Can a user login with eDir account and get right into there homedir on the NSS volume on OES2 Linux? Or other common NSS volume/dir. Cheers, Anders -- -- Technical Consultant KERFI AB, Sweden ------------------------------------------------------------------------ Yes, using pure-ftpd on OES2 Linux, you can get access to NSS volumes using an eDirectory user. 'Novell Documentation' (http://www...

Secure FTP
Is there any options for secure FTP on Netware 5.1 or do I need to be running Netware 6.5 for Secure FTP services. WH wrote: > Is there any options for secure FTP on Netware 5.1 > or do I need to be running Netware 6.5 for Secure FTP services. > http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966658.htm -andy ...

FTP Security
Please accept my apologies if this question has been asked and answered in another thread. If it has, my search failed to turn it up. D-Link makes a NAS product (DNS-323) which allows for the use of an FTP server. I desire to use this built-in functionality; however, after enabling it and making all of the security adjustments (i.e. creating groups/users with permissions, establishing passwords, etc.) I am concerned that a Shields Up scan of my IP shows the port that this server is assigned as being OPEN. :( Is there any way to enable this FTP server functionality without h...

How secure is secure?
Thanks to this group and all the high tech individuals who frequent it I have learned how to protect my PC from the inside out. But what about security risks to my info 'before' it gets to my computer? Like my mail box on the server. Could someone hack into that and thumb through my mail? If so, how would I ever know? (The short story) We have a rogue employee at my work who one day decided to run the web site, she got in tight with the ISP, got tools to set and delete passwords on a protected directory on the server. Who knows if she has telnet access to other things, li...

when is secure, secure?
Lo everyone, I wrote a custom authentication handler for PureFTPD, using a combination of authentication methods, for about 4 different types of users. So far, from testing it, it does look to work properly, and does it's job pretty well (and fast). I use #!/usr/bin/perl -W as well as use Strict, and use warnings, and the code returns no errors or warnings when run. I am right to presume that this basically only really tells me the my syntax and structure of the application is right? What's a good way to see whether it is actually SECURE... There is a couple of lines of...

Secure FTP
NW6 SP5 EDir 8.7.3.6 I'm currently running the vanilla nwftp server and I want to upgrade to secure ftp services. I'm kinda' at a loss as to what to do. I've searched the knowledgebase, but found no answers. Can someone point me to a resource? wpeacock@uga.edu wrote: > NW6 SP5 EDir 8.7.3.6 > I'm currently running the vanilla nwftp server and I want to upgrade to > secure ftp services. I'm kinda' at a loss as to what to do. I've searched > the knowledgebase, but found no answers. Can someone point me to a resource? > > Depend...

Web resources about - secure ftp - novell.netware.6x.storage

Secure Digital - Wikipedia, the free encyclopedia
Secure Digital or ( SD ) is a non-volatile memory card format for use in portable devices, such as mobile phones , digital cameras , GPS navigation ...

Facebook To Users: ‘Add Your Phone Number To Help Secure Your Account’
Some Facebook users are seeing alerts above the Graph Search bars on their News Feeds , prompting them to “Add your phone number to help secure ...

Premier signs on to secure regatta future
ONE of the world’s oldest regattas has this year welcomed the support of Tasmanian Premier Will Hodgman, all in a bid to keep the event running ...

OS X 10.11.4 public beta with Live Photos in Messages, secure Notes, and more is now available
... new OS X 10.11.4 prerelease that first hit developers earlier this week. New features include Live Photo viewing and sharing in Messages, secure ...

ISIS has its own secure messaging system this illustrates the futility of communication surveillance
... to evade detection. This is something that was perfectly demonstrated this week when it became apparent that ISIS has developed its own secure ...

Ex-NSA chief defends end-to-end encryption, says ‘backdoors’ will make us less secure
... Agency of being champions of privacy. But General Michael Hayden, a former Director of the NSA, does see some value in preserving secure end-to-end ...

How secure is your home Wi-Fi?
Bugs and security flaws could leave your routers and Internet-connected devices vulnerable

How to find and secure scholarships
College applications are in, and it's time to hunt for college money. Here's how to find the best scholarships for you.

Widow says Apple told her to get court order to secure dead husband's password
Technically Incorrect: A Canadian woman says that when her husband died, even showing the company his death certificate and will do no good in ...

President Bush apologized to China to secure U.S. airmen held captive
... to rethink their strategy. After all, Ronald Reagan —the American president who actually negotiated with terrorists—tried and failed to secure ...

Resources last updated: 1/22/2016 9:59:14 AM