Table of Contents
Introduction to FTP with SSL
Most of the production environment is not allowed to use FTP service instead we need to replace with SFTP or VSFTPD with SSL. Let us see how to implement VSFTPD with SSL/TLS by following below step by step guide.
Looking for setting up a secured SFTP server?
Package Installation
Install the vsftpd package using
#sudo apt-get install vsftpd
Once done with installation continue to install the OpenSSL package which provides the SSL/TLS options.
#sudo apt-get install openssl
Generate Certificate files
Navigate to SSL directory to create certificate files
# sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/vsftpd.pem -out /etc/ssl/vsftpd.pem
Then change the permission for certificate file to access only by the root user
# sudo chmod 600 vsftpd.pem
Configure VSFTPD server
Edit the configuration using vim as follows
# sudo vim /etc/vsftpd.conf
Change the location of certificate file under below directive
# rsa_cert_file=/etc/ssl/vsftpd.pem
# rsa_private_key_file=/etc/ssl/vsftpd.pem
Then enable the SSL for vsftpd and force the local user to use SSL
# ssl_enable=yes
# force_local_data_ssl=YES
# force_local_logins_ssl=YES
# pam_service_name=vsftpd
Restarting the Service
Restart the service and login from FileZilla to test the above configuration changes.
# sudo service vsftpd restart
That’s it we have completed installing a secure FTP with SSL/TLS.