加密传输系统
加密文件就是用一个系统将电脑上的文件进行加密保护,避免文件随意发出去导致泄密。天锐绿盾加密软件就是这样的,可以对各类型文档进行加密。稳定性还不错
⑵ 混合加密系统的过程
加密方法可分为两大类:软加密和硬加密。软加密用纯软件的方法来实现加密,主要有密码,软件校验码等;硬加密则是软件和硬件结合起来的一种加密手段,加密后软件执行时需要访问相应的硬件,其加密强度大,成本也高。混合加密是指利用数据加密技术DES和RSA算法、机器硬件指纹、钥匙盘等技术对软件进行混合加密
⑶ 在LINUX系统上建立FTP加密传输
在LINUX系统上建立FTP加密传输在众多的FTP服务器中PROFTPD由于它的配置灵活,安装简便。近年来一直受到人们的喜爱。通常情况下FTP包括认证过程,传输是明文传输的,在传输一些敏感数据时总是不能让人放心。今天我在网上找了一些零散的资料结合自己的实作写了个帖子贡献给大家。
下载最新的软件版本:
# wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.0rc3.tar.gz
首先创建ROFTPD运行的用户和组:
# groupadd nogroup
# useradd –g nogroup –d /dev/null –s /sbin/nologin nobody
首先创建上传下载的用户和组:
# groupadd ftp
# useradd –g ftp –d /home/down –s /sbin/nologin down
# useradd –g ftp –d /home/upload –s /sbin/nologin upload
用户密码设置略
编译安装PROFRPD:
# tar –zxvf proftpd-1.3.0rc3.tar.gz
# cd proftpd-1.3.0rc3
# ./configure
--prefix=/usr/local/proftpd
--sysconfdir=/etc
--enable-autoshadow
--localstatedir=/var/run
--enable-ctrls
--with-moles=mod_tls
# make
# make install
配置PROFTPD服务器:
# vi /etc/proftpd.conf
================+================+=================
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "llzqq"
ServerType standalone
DefaultServer on
AllowRetrieveRestart on
AllowStoreRestart on
ServerType standalone
ServerIdent on
SystemLog /var/log/proftpd.log
UseReverseDNS off
IdentLookups off
RequireValidShell off
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
MaxInstances 100
# Set the user and group under which the server will run.
User nobody
Group nogroup
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~
# Normally, we want files to be overwriteable.
<Directory />
AllowOverwrite on
</Directory>
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin .welcome
DisplayFirstChdir .message
# Limit User of being enbled login ftp server
<Limit LOGIN>
AllowGroup ftp
DenyAll
</Limit>
#########################ssl/tls############################
# MOD_TLS SETTING
<IfMole mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd-tls.log
TLSProtocol SSLv23
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired ctrl
# Server's certificate
TLSRSACertificateFile /etc/proftpd.crt
TLSRSACertificateKeyFile /etc/proftpd.key
# Authenticate clients that want to use FTP over TLS
TLSVerifyClient off
#########################ssl/tls############################
<Directory /home/down>
<Limit WRITE>
DenyGroup ftp
</Limit>
TransferRate RETR 150 group ftp
</Directory>
<Directory /home/upload>
<Limit RMD RNFR DELE RETR>
DenyGroup ftp
</Limit>
TransferRate STOR 150 group ftp
</Directory>
MaxClientsPerHost 200
PassivePorts 55000 56000
================+================+=================
创建PROFTPD的日志文件:
# touch /var/log/proftpd.log
# touch /var/log/proftpd-tls.log
# chown nobody:nogroup /var/log/proftpd.log /var/log/proftpd-tls.log
创建SSL传输的证书和密匙:
# cp /usr/share/ssl/openssl.cnf ./
# openssl req -new -x509 -nodes -config openssl.cnf -out proftpd.crt –keyout proftpd.key
这里安装提示需要输入证书信息略
把证书和密匙复制到指定目录:
# cp proftpd.crt proftpd.key /etc/
http://linux.chinaitlab.com/server/520729.html