Introduction to VSFTPD with SSL

Most of the production environment are not allowed to use FTP service instead we need to replace with sftp of vsftp with SSL. Let us see how to implement VSFTPD with SSL/TLS by following below step by step guide.

Looking for setting up a secured SFTP server?

Package Installation

Install the vsftpd package using:

#sudo apt-get install vsftpd

Once done with installation continue to install the OpenSSL package which provides the SSL/TLS options.

#sudo apt-get install openssl

Generate Certificate files

Navigate to SSL directory to create certificate files

# sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/vsftpd.pem -out /etc/ssl/vsftpd.pem

Then change the permission for certificate file to access only by root user

# sudo chmod 600 vsftpd.pem

Configure VSFTPF server

Edit the configuration using vim as follows

# sudo vim /etc/vsftpd.conf

Change the location of certificate file under below directive

# rsa_cert_file=/etc/ssl/vsftpd.pem
# rsa_private_key_file=/etc/ssl/vsftpd.pem

Then enable the SSL for vsftpd and force local user to use SSL

# ssl_enable=yes
# force_local_data_ssl=YES
# force_local_logins_ssl=YES
# pam_service_name=vsftpd

Restarting the Service

Restart the service and login from filezilla to test the above configuration changes.

# sudo service vsftpd restart

That’s it we have completed installing a secure FTP with SSL/TLS.

Babin Lonston
Overall 14+ Years of experience in IT field, 7+ years of experience in Linux administration with Virtualization & Cloud technologies. Love documentation and being Numismatics for a long time.

Filesystem backup using backup gem

Previous article

Setting up sftp with chroot

Next article

You may also like


Leave a reply

Your email address will not be published.