How do I get lftp to use SSL/TLS security mechanism from the command line?

后端 未结 8 2301
深忆病人
深忆病人 2021-02-15 13:11

I\'m trying to log into an ftps site. I\'ve tried giving the login creds at the command line (and putting set parameters in ~/.lftprc, the

相关标签:
8条回答
  • 2021-02-15 13:59

    My answer provides access for a single user on your system rather than a system-wide certificate.

    lftp uses Transport Layer Security (TLS). So it’s essential to first grab the certificate from the FTP server.

    openssl s_client -connect <ftp-hostname>:21 -starttls ftp
    

    I include the entire certificate chain in a new file called cert.crt in my local ~/.lftp folder. At the very least, you're looking to include all the text of the certificate itself: -----BEGIN CERTIFICATE----- <...> -----END CERTIFICATE-----.

    • I create a file called rc in the local ~/.lftp folder and add the lines
      • set ssl:ca-file “cert.crt”
      • set ssl:check-hostname no (this prevents Fatal error: Certificate verification: certificate common name doesn't match requested host name ‘<ftp-hostname>’ when running a command like ls remotely)
    0 讨论(0)
  • 2021-02-15 14:06

    lftp version must be >= 4.6.3 (Debian user)

    0 讨论(0)
提交回复
热议问题