Solved

Install secure ftp on CentOS

Posted on 2012-04-07
2
749 Views
Last Modified: 2012-04-16
Hi,

I would like to get help to install secure FTP on CentOS 6.0.

Thanks
0
Comment
Question by:wsyy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 79

Expert Comment

by:arnold
ID: 37820389
Are you talking about ftps or sftp?
Proftpd, vsftpd or looking at using the sftp which is part of the OpenSSh?

Which FTP server do you have/want?
0
 
LVL 25

Accepted Solution

by:
madunix earned 200 total points
ID: 37821685
To install ftp services on centos check
http://www.cyberciti.biz/faq/rhel-centos-linux-install-ftp-server/
http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_(TLS/SSL/SFTP)


In order to use SSL encryption, FTP server requires a certificate to be installed. Thus obtain a Certificate from a Certificate Authority or create a self signed (not recommended) certificate using the below command.

Creating a self signed certificate
$ cd /etc/pki/tls/certs/
$ make /etc/vsftpd/vsftpd.pem

Next make it so that root is the only user that can read this file:
$ chmod 600 /etc/vsftpd/vsftpd.pem

Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf, append or modify the options as shown below.
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem

The above directives enable SSL for local users but disable SSL for anonymous connections and force SSL for data transfers and logins. For a more info, please check the man page of vsftpd.conf. (man vsftpd.conf)

Restart the vsftpd daemon to make the changes take effect.
$ service vsftpd restart

Note: Use a client that does support the ftps protocol, for Linux, gftp does this quite well, however it initially rejects self-signed server certificates. This can be fixed by disabling the "Verify SSL Peer" setting in options. When making connections, be sure to select the FTPS protocol.

Using sftp for Secure File Transfer, note sftp uses a secure, encrypted connection to establish the ftp transfer. sftp is available for version 2.5.0p1 and higher. Make sure that this is not using a ftp protocol but is rather using the ssh protocol on port 22. However, it functions much like ftp. You cannot connect to a ftp server using sftp as they use different protocols and ports.
0

Featured Post

Enroll in July's Course of the Month

July's Course of the Month is now available! Enroll to learn HTML5 and prepare for certification. It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question