标签:FTP实现SSL加密
查看是否支持SSLldd `which vsftpd`
查看是否调用这个库:libssl.so
例如:
[root@centos6 ~]# ldd `which vsftpd`
linux-vdso.so.1 => (0x00007fff482e6000)
"libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f9c95521000)" #就是这个
libwrap.so.0 => /lib64/libwrap.so.0 (0x00007f9c95316000)
libnsl.so.1 => /lib64/libnsl.so.1 (0x00007f9c950fc000)
libpam.so.0 => /lib64/libpam.so.0 (0x00007f9c94eee000)
libcap.so.2 => /lib64/libcap.so.2 (0x00007f9c94cea000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f9c94ae5000)
libc.so.6 => /lib64/libc.so.6 (0x00007f9c94751000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f9c9436c000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f9c94127000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f9c93e40000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f9c93c3c000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f9c93a0f000)
libz.so.1 => /lib64/libz.so.1 (0x00007f9c937f9000)
libaudit.so.1 => /lib64/libaudit.so.1 (0x00007f9c935d5000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f9c9339d000)
libattr.so.1 => /lib64/libattr.so.1 (0x00007f9c93198000)
/lib64/ld-linux-x86-64.so.2 (0x000000319d000000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f9c92f8d000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f9c92d89000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f9c92b6f000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f9c92952000)
libfreebl3.so => /lib64/libfreebl3.so (0x00007f9c9274e000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f9c9252f000)
cd /etc/pki/tls/certs/
1,生成自签名证书
make vsftpd.pem
2,查看自签名证书
openssl x509 -in vsftpd.pem -noout -text vim/etc/vsftpd/vsftpd.conf
# 在配置文件中添加下面几行配置
ssl_enable=YES 启用SSL
allow_anon_ssl=NO 匿名不支持SSL
force_local_logins_ssl=YES 本地用户登录加密
force_local_data_ssl=YES 本地用户数据传输加密
rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem 指定CA证书文件
这是windowns工具
出现下面这个就表示加密成功
标签:FTP实现SSL加密
原文地址:http://blog.51cto.com/13598893/2073018
