You are viewing a plain text version of this content. The canonical link for it is here.

Posted to ftpserver-users@mina.apache.org by Aidan Diffey <ai...@gmail.com> on 2010/11/15 14:44:21 UTC

FTP server default cipher when using FTPS

Hello all.

When Apache FTP server suggests a cipher to use for FTPS communications,
what is the default on it suggests?

If I require the AES256 to be used, how can I set that to be the cipher to
use?


Kind Regards

Aidan Diffey

Re: FTP server default cipher when using FTPS

Posted by Niklas Gustavsson <ni...@protocol7.com>.

On Mon, Nov 15, 2010 at 3:02 PM, Aidan Diffey <ai...@gmail.com> wrote:
> One more question:
>
> What is the difference between TLS_DHE_DSS_WITH_AES_256_CBC_SHA and
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA

This is somewhat beyond my expertise, but my understanding is that
it's the same algorithm but for different key types (RSA and DSS). So,
whatever chosen will likely depend on what type of key your server
(and possible client) uses.

/niklas

Re: FTP server default cipher when using FTPS

Posted by Aidan Diffey <ai...@gmail.com>.

Thank you.

One more question:

What is the difference between TLS_DHE_DSS_WITH_AES_256_CBC_SHA and
TLS_DHE_RSA_WITH_AES_256_CBC_SHA

If I set to one of these, will it choose the AES256 cipher?

Regards

On 15 November 2010 13:52, Niklas Gustavsson <ni...@protocol7.com> wrote:
>
> On Mon, Nov 15, 2010 at 2:44 PM, Aidan Diffey <ai...@gmail.com> wrote:
> > When Apache FTP server suggests a cipher to use for FTPS communications,
> > what is the default on it suggests?
>
> FtpServer will default use whatever the JRE provides.
>
> > If I require the AES256 to be used, how can I set that to be the cipher to
> > use?
>
> You can configure a list of allowed cipher suites, see the
> configuration option "enabled-ciphersuites" here:
> http://mina.apache.org/ftpserver/listeners.html
>
> /niklas

Re: FTP server default cipher when using FTPS

Posted by Niklas Gustavsson <ni...@protocol7.com>.

On Mon, Nov 15, 2010 at 2:44 PM, Aidan Diffey <ai...@gmail.com> wrote:
> When Apache FTP server suggests a cipher to use for FTPS communications,
> what is the default on it suggests?

FtpServer will default use whatever the JRE provides.

> If I require the AES256 to be used, how can I set that to be the cipher to
> use?

You can configure a list of allowed cipher suites, see the
configuration option "enabled-ciphersuites" here:
http://mina.apache.org/ftpserver/listeners.html

/niklas