Support SSL (FTPS) via environment options

[kedarac]

Add a way to pass SSL key and certificate to enable Secure FTP (SFTP).

vsftpd supports the following via its conf file:

ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO require_ssl_reuse=NO ssl_ciphers=HIGH rsa_cert_file=/etc/vsftpd.pem rsa_private_key_file=/etc/vsftpd.pem pasv_max_port=65535 pasv_min_port=64000

[artjomsk]

pasv_max_port and pasv_min_port are not related to SSL and have been already supported by environment variables: PASV_MAX_PORT and PASV_MIN_PORT

[artjomsk]

SFTP is completely another story where vsftpd isn't needed at all, but support for FTPS (FTP + SSL) can be easily done. Watch my pull request - https://github.com/fauria/docker-vsftpd/pull/42

[kedarac]

Thanks for the quick response on the issue.

pasv_max_port and pasv_min_port are not related to SSL

Yes, I understand these are already supported. I pasted 2 extra lines while referring from a blog post.

Regarding SFTP and FTPS, I was not clear that they both were different things. Now that I read about them, I am editing the issue title.

@fauria This issue can be closed once you accept the MR.

[lucaskuperman]

@fauria Any ETA for supporting SSL?

[fauria]

We need to be careful here to avoid breaking non-SSL deployments. I'll have a look at this ASAP, but can't guarantee an ETA at the time, unfortunately.

[markhobson]

It'd be great to get this FTPS support merged.

In the meantime, @artjomsk would you be able to rebase your fork so it includes the recent PASV_PROMISCUOUS support? I'm in the unfortunate position of needing both that and TLS, and I'd rather not create yet another fork! I've rebased locally and it's pretty straightforward. Thanks :)

[markhobson]

I went ahead and created a fork: markhobson/docker-vsftpd Available on Docker Hub: markhobson/vsftpd