Ssl

VSFTPD 特定密碼

  • January 17, 2020

我正在尋找一種在 Ubuntu 伺服器上為 VSFTPD 定義自定義密碼套件的方法。

我發現我可以通過 HIGH/MEDIUM/LOW 指定密碼。但是,這對我來說還不夠,因為我需要手動配置密碼。

有沒有辦法做到這一點?

從 vsftpd.conf 手冊我可以閱讀

ssl_ciphers
             This option can be used to select which SSL ciphers vsftpd  will
             allow  for  encrypted  SSL connections. See the ciphers man page
             for further details. Note that restricting ciphers can be a use‐
             ful  security precaution as it prevents malicious remote parties
             forcing a cipher which they have found problems with.

             Default: DES-CBC3-SHA

然後,如果我查看密碼手冊(openssl 的一部分),它會提供您可以使用的所有密碼類型。實際上 LOW/MEDIUM/HIGH 是這樣定義的

HIGH
   "high" encryption cipher suites. This currently means those with key lengths larger than 128
          bits, and some cipher suites with 128-bit keys.

MEDIUM
   "medium" encryption cipher suites, currently some of those using 128 bit encryption.

LOW 
   "low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms but
          excluding export cipher suites.

所以基本上你可以使用密碼手冊中指定的任何密碼字元串。

引用自:https://serverfault.com/questions/730961