VSFTP on debian

can someone help me to install vsftp Server on Debian with SSL certification?

I followed many guiedes but no success.

my Server can connect locally but after certification install no 21 port from externally.

needs needsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Oh man... vsftp is a bear of a server to setup + maintain, as it's always glitching + the enforced permission requirements of parent directories of users... geez... you'll be pulling your hair out in no time.

Better to setup SFTP as follows...

 Install a sensible SFTP server, that works out of the box, like you'd expect.
apt-get install mysecureshell

# Answer yes to any prompts for things to fix.

# In config file, I normally do this...

# In /etc/ssh/sftp_config ... Comment out forced /home nonsense.
# Home ...

# Designate a log file, so you can debug problems.
LogFile                 /var/log/sftp-server_ftp.log

# Bounce SFTP (start/restart)
service mysecureshell restart

Open in new window

And you're done. No mucking about with adding users in some odd way or managing weird directory hierarchies to get vsftpd + other SFTP servers working.

You don't require SSL certs, as SFTP handles this via SSH (behind the scenes).

You may also prefer to increase - GlobalDownload + GlobalUpload + Download - if you have many users, transferring large files.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dr. KlahnPrincipal Software EngineerCommented:
David is correct.  Unless there is a specific, contractual demand for vsftp support - then standard sftp is the way to go.
needs needsAuthor Commented:
thank you
what about security sftp? ,unfortunatly i do not know about SFTP
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

needs needsAuthor Commented:
which ftp Server you can suggest for Debian Linux?
needs needsAuthor Commented:
my vsftp locally works perfekt but only the Problem ,after SSL certification creation that no Access from Internet again
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Dr. Klahn as obviously descended into the dark abyss that is vsftpd.

I remember at one point wrestling with vsftpd for weeks on a client site with many users, which had to be able to effect Web content under their own user IDs. I never did get it rock solid.

Installing mysecureshell resolved the entire setup in... well... the 30 seconds it took to install the mysecureshell package.

If you have extra time, play solitaire or video games, instead of messing with vsftpd or any other FTP server for that matter. Playing solitaire or video games are far more enjoyable.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Only run FTP if you'd like all your FTP connections hacked + whatever data is being transferred destroyed or stolen.

SFTP is secure FTP (FTP over ssh), so login credentials are encrypted.

FTP is one of the primary vectors hackers use to access sites.

Use FTP at your peril.

Most FTP clients implement SFTP now. FileZilla is the one I recommend to clients.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
For Debian/Ubuntu - mysecureshell is the SFTP server I prefer.

Also, you may prefer Ubuntu over Debian as Ubuntu package is much more friendly... at least for projects generating high cashflow, where you're just after a working system, with minimum setup effort.

Debian is more flexible + much harder to get working, for most application stacks.
needs needsAuthor Commented:
This is http://canyouseeme.org/ where i check my ftp port on Internet.

Now:  success ftp   This without SSL .It works externally.

after that i do my Debian Server SSL own certification with command :
openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout /etc/ssl/certs/vsftpd.pem -out /etc/ssl/certs/vsftpd.pem

then externally ftp Server not reachable.
needs needsAuthor Commented:
if Firewall Problem ,why works first time ,i do not understand where is the problem
needs needsAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.