lftp/rc: Add sane SSL settings.

author Simon Ruderich <simon@ruderich.org>

Sat, 30 Mar 2013 01:14:50 +0000 (02:14 +0100)

committer Simon Ruderich <simon@ruderich.org>

Sat, 30 Mar 2013 01:14:50 +0000 (02:14 +0100)
author Simon Ruderich <simon@ruderich.org>
Sat, 30 Mar 2013 01:14:50 +0000 (02:14 +0100)
committer Simon Ruderich <simon@ruderich.org>
Sat, 30 Mar 2013 01:14:50 +0000 (02:14 +0100)
diff --git a/lftp/rc b/lftp/rc

index 1d76629bfb25b4e97468bc177df5833dbdcdbdda..f94041b25c7317f6b82b1217d1a91f422b079267 100644 (file)
--- a/lftp/rc
+++ b/lftp/rc
@@ -32,6 +32,19 @@ set bmk:save-passwords yes
  # automated jobs.
  set net:max-retries 1
  
+# If SSL is used make sure the data connection is encrypted as well. This
+# should be the default behavior!.
+set ftp:ssl-protect-data yes
+set ftp:ssl-protect-fxp yes
+# Same for control connections (default).
+set ftp:ssl-protect-list yes
+# Make sure SSL is not dropped after a successful login (default).
+set ftp:ssl-use-ccc no
+# And verify the certificate and hostname, otherwise encryption doesn't matter
+# (default).
+set ssl:check-hostname yes
+set ssl:verify-certificate yes
+
  
  # ALIASES
author	Simon Ruderich <simon@ruderich.org>
	Sat, 30 Mar 2013 01:14:50 +0000 (02:14 +0100)
committer	Simon Ruderich <simon@ruderich.org>
	Sat, 30 Mar 2013 01:14:50 +0000 (02:14 +0100)