1

I've managed to run vsftpd with unencrypted FTP, Implicit SSL, and Explicit SSL. What I'm looking for is a way to run it with Explicit SSL, but have a separate port for SSL.

For example: port 15000 for unencrypted, and port 15001 for SSL.

This is because I want to enable LAN users to connect unencrypted but WAN users to connect only encrypted.

I would use SSL on LAN too, but I'll be going Gigabit soon (laggard) and having a couple of users transfer files at speeds 70-100MB/sec is going to bring my server's CPU to its knees.

What has worked so far is to run two instances of vsftpd with different configs. I was hoping for a more tidy solution.

terdon
  • 234,489
  • 66
  • 447
  • 667
swapjim
  • 35
  • 3

1 Answers1

3

The answers to this question at Server Fault suggest the only way to do this is to run two separate instances of vsftpd, each with one of the configurations you want.

Community
  • 1
Eric Renouf
  • 18,141
  • 4
  • 49
  • 65
  • I had a feeling that this would be the answer. I created a second init script for the second instance of vsftpd (in `/etc/rc.d/vsftpd2`), and a symlink (`/usr/local/libexec/vsftpd2`), and I start it on boot with `vsftp2_enable="yes"` in `rc.conf`. – swapjim Aug 30 '15 at 11:43