"Fossies" - the Fresh Open Source Software Archive

Member "mod_ftp-0.9.6/docs/manual/ftp/ftp_tls.xml" (24 Apr 2008, 9736 Bytes) of package /linux/www/apache_httpd_modules/old/mod_ftp-0.9.6-beta.tar.gz:


<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
<!-- $LastChangedRevision: 420990 $ -->

<!--
 Licensed to the Apache Software Foundation (ASF) under one or more
 contributor license agreements.  See the NOTICE file distributed with
 this work for additional information regarding copyright ownership.
 The ASF licenses this file to You under the Apache License, Version 2.0
 (the "License"); you may not use this file except in compliance with
 the License.  You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
-->

<!--
 Original Copyright (c) 2005 Covalent Technologies

 FTP Protocol module for Apache 2.0
-->

<manualpage metafile="ftp_tls.xml.meta">
<parentdocument href="./">FTP Protocol Support</parentdocument>

  <title>Securing FTP With TLS</title>

  <summary>
    <p>FTP over TLS support lets FTP sessions run through TLS
    encryption, with the server (and optionally the client)
    authenticated by certificate.  Apache mod_ftp implements the
    RFC 4217 form of FTP over TLS on top of Apache's own mod_ssl.</p>
  </summary>

  <section id="introduction">

    <title>Introduction</title>

    <p>As the FTP protocol was developed long before encryption became
    an important consideration, it was designed as a clear-text
    protocol.  Both the command channel and the data channel were, and
    in many cases remain, unencrypted.  Today this is not acceptable:
    user names and passwords travel in the clear across the network,
    where anyone able to observe the traffic can read them.  Likewise,
    a user has no easy way to detect a spoofed server, because the
    server cannot prove its identity with a certificate.</p>

    <p>To address these limitations, the FTP over TLS protocol was
    developed and standardized in <a
    href="http://www.rfc-archive.org/getrfc.php?rfc=4217">RFC
    4217</a>.  FTP over TLS uses a connection upgrade: the client and
    server first negotiate their features and capabilities over the
    plaintext control connection and then switch it to an encrypted
    one.</p>
  </section>

  <seealso><a href="http://www.rfc-archive.org/getrfc.php?rfc=4217">RFC 4217
    &#8212; Securing FTP with TLS</a></seealso>
  <seealso><a href="http://www.rfc-archive.org/getrfc.php?rfc=2228">RFC 2228
    &#8212; FTP Security Extensions</a></seealso>
  <seealso><a href="http://www.rfc-archive.org/getrfc.php?rfc=2246">RFC 2246
    &#8212; The TLS Protocol Version 1.0</a></seealso>


  <section id="protocoldescription">

    <title>Protocol Description</title>

    <p>The mod_ftp module for the Apache HTTP Server implements FTP
    over TLS as defined by <a
    href="http://www.rfc-archive.org/getrfc.php?rfc=4217">RFC
    4217</a>.  The RFC describes how the FTP client and server can
    discover each other's security capabilities and how a client can
    upgrade an FTP control channel to TLS protection.  This connection
    upgrade behaviour, similar to the SMTP over TLS standard described
    in <a href="http://www.rfc-archive.org/getrfc.php?rfc=3207">RFC
    3207</a>, allows an FTP over TLS server to run on the same port as
    a plaintext FTP server and offer both plaintext and protected
    service simultaneously.</p>

    <!-- Requiring that TLS be used -->
    <p>The FTP protocol specification leaves it to the client to
    choose session attributes such as the protection level.  The
    server cannot force the client to use TLS, but it can refuse to
    accept any other command until the client sends the
    <code>AUTH TLS</code> command that upgrades the control channel to
    TLS.  See the <code>RequireSSL</code> option of <directive
    module="mod_ftp">FTPOptions</directive> to make the server reject
    every FTP command until a TLS session is established.  Without it,
    a client that never sends <code>AUTH TLS</code> will log in, and
    send its password, in the clear.</p>

    <!-- ###FIXME### Investigate existing (and desired) data channel
    protection level and write this paragraph.
    Note: the FTP Server side is always the 'Server' in TLS context,
    regardless of the direction of the data channel connection.
    <p>Data Channel Protection</p>
    -->

    <!-- Certificates and Authentication -->
    <p>TLS allows both server and client to identify themselves with
    standard X.509 certificates.  Usually only the server presents a
    certificate, but the server can be configured to request a client
    certificate for authentication.  RFC 4217 requires the client to
    send a <code>USER</code> command even when it has presented a
    certificate; the server may then forgo asking for a password.</p>

    <p>Since the FTP over TLS RFC was published only in 2005, several
    alternative approaches to securing file transfers have arisen.
    Besides the TLS upgrade of a normal FTP connection defined by the
    RFC, another popular approach is a separate FTP control channel
    listener that can only be reached over SSL: the SSL handshake has
    to complete before the first FTP protocol exchange can take place.
    This approach, known as <em>Implicit SSL</em>, is supported by
    mod_ftp (conventionally on port 990).  Finally, some FTP clients
    and servers transfer files over SSH, either by tunnelling FTP
    through SSH or with the unrelated SSH File Transfer Protocol
    (SFTP).  Neither is supported by mod_ftp.</p>
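    <p>The following is an added example, not mod_ftp code, that models
    the exchange described above as a small server-side state machine:
    a client that tries to log in in the clear is refused (the
    <code>RequireSSL</code> policy), then performs the RFC 4217
    upgrade with <code>AUTH TLS</code>, <code>PBSZ 0</code> and
    <code>PROT P</code> before <code>USER</code>/<code>PASS</code>.
    The reply texts, the set of commands accepted before
    <code>AUTH TLS</code>, and the refusal of unprotected data
    transfers with 521 are assumptions chosen to illustrate the policy;
    the numeric codes follow RFC 4217 (234, 200, 536) and RFC 2228
    (504, 521).  mod_ftp's actual replies are not given on this
    page.</p>

```python
"""RFC 4217 control-channel upgrade modelled as a server-side state machine.

Added example, not mod_ftp code.  Reply texts, the pre-AUTH command set and
the 521 refusal of unprotected data transfers are assumptions; codes 234, 200
and 536 follow RFC 4217, 504 and 521 follow RFC 2228.
"""

# Assumption: commands the server answers before the channel is protected.
PRE_AUTH_COMMANDS = {"AUTH", "FEAT", "QUIT"}
DATA_COMMANDS = {"RETR", "STOR", "APPE", "LIST", "NLST"}


class FtpTlsServerSession:
    """State of one control connection.  require_tls models FTPOptions RequireSSL."""

    def __init__(self, require_tls=True):
        self.require_tls = require_tls
        self.tls_active = False   # set once AUTH TLS has been accepted
        self.pbsz_done = False    # PBSZ 0 must precede PROT (RFC 4217, section 9)
        self.prot = "C"           # data-channel protection: C (clear) or P (private)
        self.user = None
        self.logged_in = False

    def handle(self, line):
        """Return the server reply for one client command line."""
        verb, _, arg = line.strip().partition(" ")
        verb, arg = verb.upper(), arg.strip()

        # RequireSSL: refuse everything but the upgrade itself until TLS is up,
        # so USER/PASS can never travel in the clear.
        if self.require_tls and not self.tls_active and verb not in PRE_AUTH_COMMANDS:
            return "530 Use AUTH TLS before sending other commands"

        if verb == "AUTH":
            if self.tls_active:
                return "503 TLS is already active"
            if arg.upper() != "TLS":
                return "504 Unknown security mechanism"
            # A real server starts the TLS handshake right after this reply and
            # is the TLS server side even for data connections it opens itself.
            self.tls_active = True
            return "234 AUTH TLS successful, proceed with handshake"
        if verb == "PBSZ":
            if not self.tls_active:
                return "503 PBSZ requires a secured control channel"
            if arg != "0":
                return "501 Only PBSZ 0 is valid with TLS"
            self.pbsz_done = True
            return "200 PBSZ=0"
        if verb == "PROT":
            if not self.pbsz_done:
                return "503 PBSZ must precede PROT"
            level = arg.upper()
            if level in ("C", "P"):
                self.prot = level
                return "200 Protection level set to " + level
            if level in ("S", "E"):
                return "536 Requested PROT level not supported by mechanism"
            return "504 Unknown protection level"
        if verb == "USER":
            # RFC 4217: USER is required even if a client certificate was shown.
            self.user = arg
            return "331 Password required for " + arg
        if verb == "PASS":
            if self.user is None:
                return "503 Send USER first"
            self.logged_in = True  # credential check omitted in this model
            return "230 User " + self.user + " logged in"
        if verb in DATA_COMMANDS:
            if not self.logged_in:
                return "530 Not logged in"
            if self.prot != "P":   # policy assumption: no clear-text data channel
                return "521 Data connection cannot be opened with this PROT setting"
            return "150 Opening data connection"
        if verb == "FEAT":
            return "211-Features:\n AUTH TLS\n PBSZ\n PROT\n211 End"
        if verb == "QUIT":
            return "221 Goodbye"
        return "502 Command not implemented"


def run_transcript(session, commands):
    """Feed the commands in order and return (command, reply) pairs."""
    return [(cmd, session.handle(cmd)) for cmd in commands]


# Constructed client transcript: one attempt to log in in the clear, then the
# upgrade sequence RFC 4217 prescribes.
SAMPLE_TRANSCRIPT = ["USER alice", "AUTH TLS", "PBSZ 0", "PROT P",
                     "USER alice", "PASS s3cret", "RETR report.txt"]

if __name__ == "__main__":
    for cmd, reply in run_transcript(FtpTlsServerSession(), SAMPLE_TRANSCRIPT):
        print("C: " + cmd)
        print("S: " + reply)
```

    <p>With <code>require_tls=False</code> the same session accepts
    <code>USER</code> before any <code>AUTH</code>, which is the
    behaviour of a listener that offers plaintext and TLS side by side
    without <code>RequireSSL</code>.</p>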
  </section>

  <section id="ftpovertls">

    <title>FTP over TLS Support</title>

    <p>To implement TLS, mod_ftp uses Apache's
    <module>mod_ssl</module>, so the configuration options for FTP
    over TLS differ little from those for HTTPS.  For RFC 4217-based
    FTP over TLS, no configuration options are needed beyond the ones
    you would use to set up an HTTP over SSL virtual host.  Note,
    however, that <directive module="core">AcceptFilter</directive> is
    explicitly turned off for the FTP listener.  An accept filter
    holds a new connection back until the client sends data, but in
    FTP the server speaks first (it sends the 220 greeting), so with a
    filter in place neither side would ever send anything.</p>

    <example>
      LoadModule ftp_module /usr/local/apache2/modules/mod_ftp.so<br/>
      <br/>
      Listen 21 ftp<br/>
      AcceptFilter ftp none<br/>
      <br/>
      LogFormat "%u [%a] %r %>s" ftp_command<br/>
      LogFormat "%{%b %e %H:%M:%S %Y}t %T %a %B %U %M %F %d %W %u %S %Z %Y" ftp_transfer<br/>
      <br/>
      &lt;VirtualHost _default_:21&gt;<br/>
      <indent>
        <br/>
        FTP On<br/>
        SSLEngine on<br/>
        SSLCertificateFile conf/server.crt<br/>
        SSLCertificateKeyFile conf/server.key<br/>
        <br/>
        ErrorLog logs/ftps_error_log<br/>
        CustomLog logs/ftps_command_log ftp_command<br/>
        CustomLog logs/ftps_transfer_log ftp_transfer env=do_transfer_log<br/>
        <br/>
      </indent>
      &lt;/VirtualHost&gt;<br/>
    </example>

    <note>The above is the simplest possible configuration of a
    TLS-enabled FTP virtual host.  It accepts <code>AUTH TLS</code>
    but does not require it, so plaintext logins on port 21 still
    work; add <code>FTPOptions RequireSSL</code> to refuse them.  Do
    not use this in production unless sufficient authentication and
    access control is added.</note>

  </section>

  <section id="implicitssl">

    <title>Implicit SSL Support</title>

    <p>The configuration below is similar to the one above, except for
    the <directive module="mod_ftp">FTPImplicitSSL</directive>
    directive and the listening port, which is <code>990</code>.  Here
    <directive module="core">AcceptFilter</directive> is set to
    <code>data</code>, because the conversation starts with an SSL
    handshake initiated by the client, so waiting for client data
    before accepting the connection is safe.</p>

    <example>
      LoadModule ftp_module /usr/local/apache2/modules/mod_ftp.so<br/>
      <br/>
      Listen 990 ftps<br/>
      AcceptFilter ftps data<br/>
      <br/>
      LogFormat "%u [%a] %r %>s" ftp_command<br/>
      LogFormat "%{%b %e %H:%M:%S %Y}t %T %a %B %U %M %F %d %W %u %S %Z %Y" ftp_transfer<br/>
      <br/>
      &lt;VirtualHost _default_:990&gt;<br/>
      <indent>
        <br/>
        FTP On<br/>
        SSLEngine On<br/>
        FTPImplicitSSL On<br/>
        <br/>
        SSLCertificateFile    ssl/server.crt<br/>
        SSLCertificateKeyFile ssl/server.key<br/>
        <br/>
        ErrorLog logs/ftps_error.log<br/>
        <br/>
        CustomLog logs/ftps_command.log ftp_command<br/>
        CustomLog logs/ftps_transfer.log ftp_transfer env=do_transfer_log<br/>
        <br/>
        DocumentRoot "/usr/local/apache2/htdocs"<br/>
        <br/>
      </indent>
      &lt;/VirtualHost&gt;<br/>
    </example>

    <note>The above is the simplest possible configuration of an
    implicit-SSL FTP virtual host.  Because the SSL handshake precedes
    every FTP command, nothing is sent in the clear on this port and
    <code>RequireSSL</code> is not needed here; a plaintext port 21
    listener on the same server, if any, still needs its own
    protection.  Do not use this in production unless sufficient
    authentication and access control is added.</note>
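    <p>The two minimal configurations above (explicit TLS on port 21
    and implicit SSL on port 990) leave out exactly what the notes ask
    for.  The following is an added example, not from the mod_ftp
    distribution, that combines both listeners with the
    <code>FTPOptions RequireSSL</code> option this page describes,
    Apache authentication against a password file, and the usual
    mod_ssl protocol and cipher restrictions.  It assumes, as the page
    states, that mod_ssl directives apply to an FTP virtual host
    exactly as to an HTTPS one, and that mod_ftp authenticates users
    through the standard <code>AuthType Basic</code> modules scoped to
    the document root; paths, file names and the password file are
    placeholders.</p>

```apache
# Added example (not shipped with mod_ftp).  Assumptions: mod_ssl
# directives apply unchanged to FTP virtual hosts; users are
# authenticated with the standard AuthType Basic modules on the
# document root; all paths and names are placeholders.

LoadModule ftp_module /usr/local/apache2/modules/mod_ftp.so

# Explicit TLS listener: the server speaks first (220 banner), so no accept filter.
Listen 21 ftp
AcceptFilter ftp none
# Implicit SSL listener: the client speaks first (TLS ClientHello), so "data" is safe.
Listen 990 ftps
AcceptFilter ftps data

LogFormat "%u [%a] %r %>s" ftp_command
LogFormat "%{%b %e %H:%M:%S %Y}t %T %a %B %U %M %F %d %W %u %S %Z %Y" ftp_transfer

# TLS hardening shared by both hosts (mod_ssl): no SSLv2/SSLv3, no
# anonymous or MD5 suites, server picks the cipher.
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
SSLHonorCipherOrder on

&lt;VirtualHost _default_:21&gt;
    FTP On
    SSLEngine on
    SSLCertificateFile    conf/server.crt
    SSLCertificateKeyFile conf/server.key

    # This listener also speaks plaintext FTP.  Without RequireSSL a
    # client that never sends AUTH TLS logs in with USER/PASS in the clear.
    FTPOptions RequireSSL

    DocumentRoot "/srv/ftp"
    ErrorLog  logs/ftp_error_log
    CustomLog logs/ftp_command_log ftp_command
    CustomLog logs/ftp_transfer_log ftp_transfer env=do_transfer_log
&lt;/VirtualHost&gt;

&lt;VirtualHost _default_:990&gt;
    FTP On
    SSLEngine On
    # Handshake precedes the 220 banner; nothing is ever in the clear here,
    # so RequireSSL is not needed.
    FTPImplicitSSL On
    SSLCertificateFile    conf/server.crt
    SSLCertificateKeyFile conf/server.key

    DocumentRoot "/srv/ftp"
    ErrorLog  logs/ftps_error_log
    CustomLog logs/ftps_command_log ftp_command
    CustomLog logs/ftps_transfer_log ftp_transfer env=do_transfer_log
&lt;/VirtualHost&gt;

# Access control for both hosts: every FTP user must authenticate
# against an htpasswd file (assumption: standard Apache authn/authz).
&lt;Directory "/srv/ftp"&gt;
    AuthType Basic
    AuthName "FTP"
    AuthUserFile /usr/local/apache2/conf/ftp.passwd
    Require valid-user
&lt;/Directory&gt;
```

    <p>Apache reads only whole-line comments, so none of the
    <code>#</code> lines above may be moved onto a directive line.
    Check the result with <code>apachectl -t</code> before reloading,
    then confirm from a client that <code>USER</code> on port 21 is
    refused until <code>AUTH TLS</code> has been sent.</p>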

  </section>
<!--
  <section id="clientauth">

    <title>Client-side Certificate Authentication</title>

  </section>
-->

  <section id="clientsupport">

    <title>Client Support for FTP over TLS</title>

    <p>An ever-growing number of FTP clients implement FTP over TLS,
    and listing them all is outside the scope of this document.  A
    list can be found on <a
    href="http://en.wikipedia.org/wiki/List_of_FTP_clients">Wikipedia</a>.
    When selecting a client, keep in mind that file transfer over SSH,
    whether FTP tunnelled through SSH or the SSH File Transfer
    Protocol (usually called <em>SFTP</em>, and unrelated to FTP
    despite the name), is not supported by
    <module>mod_ftp</module>.  Also check that the client verifies the
    server certificate: a client that encrypts but accepts any
    certificate gives up the protection against spoofed servers
    described in the introduction.</p>
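    <p>As an added example of what a client should do, and not code
    from mod_ftp or from any client listed above, the following uses
    Python's standard <code>ftplib.FTP_TLS</code> for the RFC 4217
    upgrade on port 21 and a small subclass for implicit SSL on port
    990 (<code>ftplib</code> has no built-in implicit mode; the
    subclass is an assumption about how to add one).  The strict
    context verifies the certificate chain and host name and refuses
    TLS older than 1.2; the deliberately insecure context beside it
    shows the setting that silently accepts a spoofed server.  Host
    names, users and passwords are placeholders.</p>

```python
"""FTP over TLS client that actually verifies the server certificate.

Added example, not from mod_ftp or any FTP client.  Uses the standard
ftplib.FTP_TLS for the RFC 4217 upgrade (port 21) and a subclass for
implicit SSL (port 990); host names, users and paths are placeholders.
"""
import socket
import ssl
from ftplib import FTP_TLS


def make_tls_context(cafile=None):
    """Strict client context: chain and host-name verification, TLS 1.2 or newer."""
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def make_insecure_context():
    """Encrypt but trust any certificate: the setting that defeats the
    spoofed-server protection TLS is meant to give.  Shown only for contrast."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_is_strict(ctx):
    """True when the context rejects an unverified or mis-named server certificate."""
    return (ctx.verify_mode == ssl.CERT_REQUIRED
            and bool(ctx.check_hostname)
            and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2)


class ImplicitFTP_TLS(FTP_TLS):
    """Implicit SSL (port 990): wrap the socket before reading the 220 banner.
    Assumption: mirrors FTP.connect() but inserts the TLS handshake first."""

    def connect(self, host="", port=0, timeout=-999, source_address=None):
        if host:
            self.host = host
        if port:
            self.port = port
        if timeout != -999:
            self.timeout = timeout
        if source_address is not None:
            self.source_address = source_address
        raw = socket.create_connection((self.host, self.port), self.timeout,
                                       source_address=self.source_address)
        self.af = raw.family
        # Handshake happens here, before any FTP reply is read.
        self.sock = self.context.wrap_socket(raw, server_hostname=self.host)
        self.file = self.sock.makefile("r", encoding=self.encoding)
        self.welcome = self.getresp()
        return self.welcome


def secure_session(host, user, password, implicit=False, port=None, cafile=None):
    """Open a control connection, protect it, log in, and force PROT P for data."""
    ctx = make_tls_context(cafile)
    if implicit:
        ftp = ImplicitFTP_TLS(context=ctx)
        ftp.connect(host, port or 990)
    else:
        ftp = FTP_TLS(context=ctx)
        ftp.connect(host, port or 21)
        ftp.auth()              # AUTH TLS, then the handshake (reply 234 expected)
    ftp.login(user, password)   # USER/PASS now travel inside TLS
    ftp.prot_p()                # PBSZ 0 + PROT P: data connections are TLS too
    return ftp


if __name__ == "__main__":
    # Placeholder host; nothing here refers to a real server.
    session = secure_session("ftp.example.test", "alice", "s3cret")
    print(session.nlst())
    session.quit()
```

    <p>Because the strict context has <code>check_hostname</code> set,
    the host name passed to <code>secure_session</code> must match the
    server certificate; connecting by IP address or to a self-signed
    test certificate fails with an <code>ssl.SSLCertVerificationError</code>
    rather than silently proceeding, which is the point.</p>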

  </section>

</manualpage>