Secure FTP

Posted on 2006-05-15
Last Modified: 2008-01-09
I have a linux server (enterprise edition). Currently have vsftpd setup and running. I need the FTP sesssion that is established to be encrypted from our server to other vendors. What do I need to do to setup a secure FTP server that vendors can send information back and forth to us?
    LVL 14

    Expert Comment

    Although vsftpd supports FTP/SSL, most other FTP implementations do not (or at least most sites don't have it configured to work even if the underlying FTP server does support it). Plus most FTP clients don't support it either.

    Therefore I would not recommend relying on FTP/SSL for securing connections to multiple business partners.

    Other options to look at are:
    1. Open-text FTP, but PGP-encrypt/sign the data.
    2. Open-text FTP over VPNs
    3. Web app that lets you do uploads and downloads and runs in an HTTP/S session
    4. XML/SOAP/SOA type web app under HTTP/S
    LVL 2

    Expert Comment

    ssh and windows secure copy?
    LVL 17

    Expert Comment

    Use OFTP.

    BR Dushan
    LVL 15

    Expert Comment

    As a matter of fact, there is a number of clients that support FTPS (or FTP with AUTH command and SSL encryption of password and/or data):

    LVL 19

    Expert Comment

    Enable SSL on your vsftp and give this program to your users:

    winscp is freeware and works pretty well for our clients

    however, I use it along with ssh and a restricted shell:

    Accepted Solution

    Why not configure openSSH on your linux system. This will not only provide SSH ( Secure Shell = Encrypted telne) but also provide SCP (Secure copy= Encrypted FTP).  Since these ftp session will be encrypted, users will require to use special FTP client programe such as PSFTP ( or winscp. By default SSH service runs on 22 port so you need to open this port on your firewall, if any, between sever and client/users.

    all the best
    LVL 11

    Expert Comment

    kanwalzeet has the right idea.
    LVL 19

    Expert Comment


    the same idea I posted before 8-)

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
    BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now