[BlueOnyx:25293] Proftpd, configuration issues / wishes
Tobias Gablunsky
t.gablunsky at cbxnet.de
Tue Jan 11 09:13:49 -05 2022
Hi there,
I have 3 topics regarding proftpd configuration.
1) Users complain about certificate warnings, even when there is a valid certificate installed.
This can be fixed by delivering the proper ca cert, like i.e. dovecot does. This can easily be accomplished by adding an entry
TLSCertificateChainFile /etc/pki/dovecot/certs/ca.pem
I would love this to be added to the default configuration. Should be no problem, as BO already uses the same certificates dovecot does..
Additionally we have two settings we always change from default:
2) We restrict PassivePorts to a smaller value than default to not have to open firewalls too much to the outside.
3) We disable mod_ban as we already have a working fail2ban installation. I don't like to have too many sources to look for the reason of a connection problem.
But these changes are getting overriden every now an then.
I would highly welcome a way to be able to configure this permanently. Best of course would be a gui option. But maybe also some kind of template system that is used for creating the proftpd config is possible?
Best regards,
Tobias Gablunsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20220111/92863cbb/attachment.html>
More information about the Blueonyx
mailing list