PDA

View Full Version : ioftpd + service + ssl


vod
10-26-2003, 05:15 AM
Ok, I spent a long time trying to get this to work, I'm sure someone out there has tried. I was using firedaemon to run ioftpd, and I tried ioservice (it dont seem to process watch and restart, which is why i picked fire), and inorder to get shmem to work it must run with "allow to interact with desktop", but this prevented me from making ssl work...i tried everything to make it work, If anyone know a way, pls tell me.

I did however find a option that does work!

http://www.activeplus.com makes a program called servicemill, which is just like firedaemon, but it allows an option "allow to interact with desktop when running as a user", so install servicemill, install your system cert as any user, give service mill that user/pass, and then in advanced check that box, and volia io+ssl+service :D

if anyone know how to make it work as localsystem, that would rock tho...of if d1 would make it a native service ;)

FrankZ
10-26-2003, 07:46 AM
Hi

When you install ioftpd as service you must install the cert via
site EXEC Command :)

1. First install io as Service and run it

2. Then login on drive C for example and change in c:\cert

then make ctrl-R via Flashfxp

but to make this work you must include the cert-name in the commandline from the .bat ...my .bat looks like this




makecert.exe -r -n CN=NAME -eku 1.3.6.1.5.5.7.3.1 -ss my -sr CurrentUser -a sha1 -sk NAME -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 ioftpd.cer



NAME = Your Cert-Name


--> site exec rsa_keygen.bat





now you have a cert installed as localhost :)

vod
10-26-2003, 08:05 AM
I tried that a few times, it never worked for me

Mouton
10-26-2003, 12:13 PM
when u install ioftpd service, u need to go in Services control panel, go in the service properties, and choose Logon as user: and enter the user/pwd of the account u imported your certificate with.

SCalibur2
10-26-2003, 12:23 PM
What I did was to make a bat containing the makecert command string, then using srvany I made that bat a system service and ran it.

Bam, I then had my SSL certificate which I then installed the regular way, and to this day I have no problems with SSL and ioftpd as a system service.

vod
10-26-2003, 12:59 PM
Originally posted by Mouton
when u install ioftpd service, u need to go in Services control panel, go in the service properties, and choose Logon as user: and enter the user/pwd of the account u imported your certificate with.

LocalSystem isnt a normal user, and normal accts cant use "interact with desktop", which is why i posted the link the program that lets you do that. LocalSystem is uses DeafultUser settings, on my machine it just did not like me installing certs s DefaultUser

Mouton
10-26-2003, 02:32 PM
Interact with the desktop isn't needed for shmem. What is needed is that the script and ioftpd are run from the same account/session.

shmem works just fine when using a service with "Log on as: This account:"

[14:34:45] [L] site cid listbot
[14:34:45] [L] 200-CIDX;0;Mouton;NoGroup;*;127.0.0.1;idle;STAT -la;/;0;0
[14:34:45] [L] 200 Command successful.

and SSL works just fine:

[14:48:17] [L] Connecting to Localhost -> IP=127.0.0.1 PORT=9998
[14:48:17] [L] Connected to Localhost
[14:48:17] [L] Connected. Negotiating SSL/TLS session..
[14:48:17] [L] SSL/TLS negotiation successful...
[14:48:17] [L] TLSv1/SSLv3 encrypted session using cipher RC4-MD5 (128 bits)
[14:48:17] [L] 220 ioFTPD [www: http://www.ioftpd.com] - [version: beta 5] server ready.
[14:48:17] [L] USER Mouton

vod
10-26-2003, 05:17 PM
Originally posted by Mouton
[B]Interact with the desktop isn't needed for shmem. What is needed is that the script and ioftpd are run from the same account/session.

shmem works just fine when using a service with "Log on as: This account:"


mine wont work that way, things break really bad if i dont have it, then again, i have all kinds of messed up problems on my machine

besides, its spiffier for desktop interaction, cause then i can do shmem programs from my local session

gujingGG
11-13-2003, 10:45 PM
:D

big thanks to mouton :banana: for the solution

" ... when u install ioftpd service, u need to go in Services control panel, go in the service properties, and choose Logon as user: and enter the user/pwd of the account u imported your certificate with. ..."

io+service+ssl

just wanna pop up the question

before that i choose "SEARCH"

BANG! .....problem solved

and can i get a tray icon even io run as a service???

Mouton
11-13-2003, 11:09 PM
You need to use "Interact with desktop" to have a systray.

gujingGG
11-13-2003, 11:45 PM
Originally posted by Mouton
You need to use "Interact with desktop" to have a systray.


:(

but i can't get SSL work porperly under "interact with desktop"

is there a way to show "tray icon" and make "service+ssl" work fine at the same time?

Mouton
11-14-2003, 02:18 PM
Using vod's solution.

CoMa
11-14-2003, 03:55 PM
Again a thread about Service with io, no seriously !?....... (it's like a running gag) lol ;)

gujingGG
11-14-2003, 07:29 PM
Originally posted by Mouton
Using vod's solution.


servicemill need registeration ..............................:(

whocarez2k5
07-18-2005, 07:23 AM
Lo all,

I have installed a registered version of ioFTPD with SSL working but it’s NOT installed as a service!
After some reading true the forum i understand that i have to make a new cert when ioFTPD is running as a service, but there are a few things i don't get:
1) Why are some speaking about desktop interaction?
2) And why do i need to put in username and password for making cert? My recent setup of winxp is without a username and password so what do i fill in then?
3) Last 1, is there some 1 that can gimme a link to ioservice that is used for ioFTPD and for EggDrop?

Greetz,

whocarez2k5
07-18-2005, 03:50 PM
Well finaly SSL installed and then the next problem comes up:

[2] 220 FTP Server ready.
[2] AUTH SSL
[2] 234 AUTH SSL successful.
[2] Network subsystem is unusable(10091)

The last line is the error, any ideas?

whocarez2k5
07-20-2005, 04:07 PM
Well finaly i get the picture.

1. I made .bat explained here.
2. Made ioFTPD starting as service with ioservice.exe
3. Changed the account where the cert is made with, BUT my account has no password in it and i would like to keep it that way! with the problem that the service won't start unless i choose Local System Account!
4. change .ini file to use SSL and the error i then get is:
[2] 220 FTP Server ready.
[2] AUTH SSL
[2] 504 AUTH %s unsupported.

I checked everything in the .bat and named it also the right way in ioFTPD.ini but it still won't work :( after creating a new cert he wont popup in certmanager!

Any1?