Can't get vsftp to work over SSL?!?! HELP!

         

technobie

7:49 pm on Sep 9, 2004 (gmt 0)




I'm having problems getting vsftp to work over SSL.

I have a brand new install of RH9, openssl-0.9.7b and vsftpd-2.0.2. I have modified the builddefs.h and tunables.c files to use SSL. After running make and copying the binary file over, changing the vsftpd.conf file to ssl_enable=YES - I can start in standalone mode or through xinetd and both times I receive a message saying

500 OOPS: SSL: ssl_enable set but SSL support not compiled in.

This is really frustrating because I need to get this working soon! Does anyone have any ideas or thoughts?

Thanks!

Chris

MattyMoose

11:30 pm on Sep 10, 2004 (gmt 0)




Most likely when you did your ./configure you didn't have the switch "--enable-ssl" or something along those lines (if you built from source, which I'm assuming due to the .h file you modified).

Do a "./configure --help" and see what your options are.

HTH,
-MM

technobie

12:59 am on Sep 11, 2004 (gmt 0)




Hmmm...ok - dumb question. Where can I get an unconfigured version of vsftp? 2.0.2 (from Chris Evans' site) does not come with a config or Configure file - any changes can be made to the builddefs.h and tunables.c and then just run make.

If you could tell me where or how to get that, then I would be more than happy to compile it that way :)

Thanks for your help!

technobie

6:48 pm on Sep 22, 2004 (gmt 0)




Anyone? Need....help...(gasp)...quickly...

bcolflesh

6:57 pm on Sep 22, 2004 (gmt 0)




From:
[linuxquestions.org...]

"openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

Replace /etc/ssl/private/vsftpd.pem with the actual path and filename of where you want to keep your key file. If I remember right the default location is /usr/share/ssl/certs/vsftpd.pem"

technobie

8:36 pm on Sep 22, 2004 (gmt 0)




I have done that, but I still get the same message if I start it through xinetd or standalone.

ftp localhost
Connected to localhost (127.0.0.1).
500 OOPS: SSL: ssl_enable is set but SSL support not compiled in
ftp> bye

bcolflesh

9:05 pm on Sep 22, 2004 (gmt 0)




Check out:

ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.1/README.ssl

"In order to enable and use SSL support, you need the following:

- vsftpd built with OpenSSL support. This is a decision your vsftpd packager
made, or if you are building vsftpd yourself, edit "builddefs.h" and change the
"#undef VSF_BUILD_SSL" to "#define VSF_BUILD_SSL".
- "ssl_enable=YES" in your vsftpd.conf.
- A SSL certificate. By default, an RSA certificate is looked for at the
location /usr/share/ssl/certs/vsftpd.pem. To get an RSA certificate, either
buy one from a certificate authority, or you can create your own self-signed
certificate. If you have OpenSSL installed, you may find a "Makefile" in
your shared certificates directory, e.g. /usr/share/ssl/certs. In that case,
go to that directory and type e.g. "make vsftpd.pem". Then answer the
questions you are asked. Alternatively, read the man page for "openssl".
- Also be aware of the following SSL related parameters. Read the vsftpd.conf.5
manual page to learn about them: allow_anon_ssl, force_local_logins_ssl,
force_local_data_ssl, ssl_sslv2, ssl_sslv3, ssl_tlsv1, rsa_cert_file,
dsa_cert_file, ssl_ciphers."

technobie

12:47 am on Sep 23, 2004 (gmt 0)




I've gone through those directions as well. .pem file is in that specific location (tried other locations as well).

The problem I have with the documentation is - for instance in the vsftpd.conf man page under ssl_enable, it says "If enabled, and vsftpd was compiled against OpenSSL, vsftpd will support secure connections via SSL."

Now, when I unpack the program, it only allows me to "make" it - there is no option to "compile" it with ssl support other than the builddefs.h file - which I have already modified to define.

Wow - I think I am going bald and gray...or is it the other way around...

technobie

4:06 pm on Sep 23, 2004 (gmt 0)




FINALLY! Ok folks - here is the solution for this problem.

vsftp - when configured for ssl - is looking for the header files in /usr/include/openssl. Well, my openssl package was installed to /usr/local/include/openssl. I reran my config for openssl like this:

./config --prefix=/usr --openssldir=/usr/local/openssl

That installed the header files to the base dir of /usr. ARGH! I can't believe it was just that!

Anyway - thanks for all your help!
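
Added example, not part of the original thread or of the vsftpd distribution: a pre-build check for the two conditions this thread ends up depending on, namely the VSF_BUILD_SSL define from README.ssl and the OpenSSL headers being under /usr/include/openssl. The function name, argument order and return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example: pre-build check for the two conditions discussed in this thread.
# Return codes (chosen for this example): 0 ok, 1 macro not defined,
# 2 headers not under the expected include root, 3 builddefs.h missing.
check_vsftpd_ssl_prereqs() {
    src_dir=$1                          # unpacked vsftpd source tree
    inc_root=${2:-/usr/include}         # where the thread says the build looks
    alt_roots=${3:-/usr/local/include}  # other roots to report, space separated

    defs="$src_dir/builddefs.h"
    if [ ! -f "$defs" ]; then
        echo "missing: $defs" >&2
        return 3
    fi

    # README.ssl: "#undef VSF_BUILD_SSL" must become "#define VSF_BUILD_SSL".
    if ! grep -Eq '^[[:space:]]*#[[:space:]]*define[[:space:]]+VSF_BUILD_SSL([[:space:]]|$)' "$defs"; then
        echo "VSF_BUILD_SSL is not defined in $defs" >&2
        return 1
    fi

    # The headers have to be where the build looks, not merely installed somewhere.
    if [ ! -f "$inc_root/openssl/ssl.h" ]; then
        echo "openssl/ssl.h not found under $inc_root" >&2
        for alt in $alt_roots; do
            if [ -f "$alt/openssl/ssl.h" ]; then
                echo "found instead under $alt (see the --prefix fix above)" >&2
            fi
        done
        return 2
    fi

    echo "ok: VSF_BUILD_SSL defined, headers in $inc_root/openssl"
    return 0
}

# Run the check when a source directory is given on the command line.
if [ "$#" -ge 1 ]; then
    check_vsftpd_ssl_prereqs "$@"
fi
```

Run it against the unpacked source directory before `make`; a return code of 2 with a "found instead" line is the situation described in the last post.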