Install vsftpd with SSL/TLS in Ubuntu Server

Introduction to FTP with SSL

Most of the production environment is not allowed to use FTP service instead we need to replace with SFTP or VSFTPD with SSL. Let us see how to implement VSFTPD with SSL/TLS by following below step by step guide.

Looking for setting up a secured SFTP server?

Package Installation

Install the vsftpd package using

#sudo apt-get install vsftpd

Once done with installation continue to install the OpenSSL package which provides the SSL/TLS options.

#sudo apt-get install openssl

Generate Certificate files

Navigate to SSL directory to create certificate files

# sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/vsftpd.pem -out /etc/ssl/vsftpd.pem

Then change the permission for certificate file to access only by the root user

# sudo chmod 600 vsftpd.pem

Configure VSFTPD server

Edit the configuration using vim as follows

# sudo vim /etc/vsftpd.conf

Change the location of certificate file under below directive

# rsa_cert_file=/etc/ssl/vsftpd.pem
# rsa_private_key_file=/etc/ssl/vsftpd.pem

Then enable the SSL for vsftpd and force the local user to use SSL

# ssl_enable=yes
# force_local_data_ssl=YES
# force_local_logins_ssl=YES
# pam_service_name=vsftpd

Restarting the Service

Restart the service and login from FileZilla to test the above configuration changes.

# sudo service vsftpd restart

That’s it we have completed installing a secure FTP with SSL/TLS.