Solved

Install secure ftp on CentOS

Posted on 2012-04-07
2
745 Views
Last Modified: 2012-04-16
Hi,

I would like to get help to install secure FTP on CentOS 6.0.

Thanks
0
Comment
Question by:wsyy
2 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 37820389
Are you talking about ftps or sftp?
Proftpd, vsftpd or looking at using the sftp which is part of the OpenSSh?

Which FTP server do you have/want?
0
 
LVL 25

Accepted Solution

by:
madunix earned 200 total points
ID: 37821685
To install ftp services on centos check
http://www.cyberciti.biz/faq/rhel-centos-linux-install-ftp-server/
http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_(TLS/SSL/SFTP)


In order to use SSL encryption, FTP server requires a certificate to be installed. Thus obtain a Certificate from a Certificate Authority or create a self signed (not recommended) certificate using the below command.

Creating a self signed certificate
$ cd /etc/pki/tls/certs/
$ make /etc/vsftpd/vsftpd.pem

Next make it so that root is the only user that can read this file:
$ chmod 600 /etc/vsftpd/vsftpd.pem

Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf, append or modify the options as shown below.
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem

The above directives enable SSL for local users but disable SSL for anonymous connections and force SSL for data transfers and logins. For a more info, please check the man page of vsftpd.conf. (man vsftpd.conf)

Restart the vsftpd daemon to make the changes take effect.
$ service vsftpd restart

Note: Use a client that does support the ftps protocol, for Linux, gftp does this quite well, however it initially rejects self-signed server certificates. This can be fixed by disabling the "Verify SSL Peer" setting in options. When making connections, be sure to select the FTPS protocol.

Using sftp for Secure File Transfer, note sftp uses a secure, encrypted connection to establish the ftp transfer. sftp is available for version 2.5.0p1 and higher. Make sure that this is not using a ftp protocol but is rather using the ssh protocol on port 22. However, it functions much like ftp. You cannot connect to a ftp server using sftp as they use different protocols and ports.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question