Article delegate-en/1411 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Howto? SSL FTP Tunneling
14 Nov 2001 17:18:48 GMT (Yutaka Sato)


On 11/15/01(01:47) you "Bryan Dees" <> wrote
in <_A1409@delegate-en.ML_>
 |My FTP server '' uses AUTH TLS

I see.

 |I added your suggestions to the following command:
 |   delegated -v -P10021 \
 |   SERVER=  \
 |   CMAP="lib/sslway -st:FSV:ftp-data" \
 |   CMAP="lib/sslway -st:FCL:ftp"

Is your command literally as above?  I cannot understand your
intention to specify FSV only to ftp-data connection while
specifying FCL only to ftp control connection.

 |The error: "SSL23_GET_SERVER_HELLO:unknown" went away. And I 
 |can now establish a connection, but i'm having troubles with
 |ftp-data I think. The following is an excerpt from my

Since SSL session for ftp-data starts immediately without negotiation,
"-st" is not necessary.  This is why "CMAP" is used, to specify
"sslway -st" for ftp control connection while specifying "sslway"
without -st for ftp-data connection.

 |Or if the FTP server starts in normal non-SSL status and starts SSL
 |on demand with "AUTH TLS" negotiation (RFC2228), you must specify
 |"-st" option as FSV="sslway -st".  If this works, then you should
 |use CMAP="sslway:FSV:ftp-data" for ftp-data connection.

So I think what is neccessary for relaying from FTP/SSL client to
FTP/SSL server via FTP-DeleGate is like this:

CMAP="sslway -st:FCL:ftp" CMAP=sslway:FCL:ftp-data
CMAP="sslway -st:FSV:ftp" CMAP=sslway:FSV:ftp-data

which is a little extended from the example in 
> delegated CMAP=sslway:FCL:ftp-data CMAP="sslway -st:FCL:ftp" SERVER=ftp 

  @ @ Yutaka Sato <>
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]