How To : FTPS Server Configuration in Linux | Linux Today
News
SHARE
Facebook X Pinterest WhatsApp

How To : FTPS Server Configuration in Linux

Written By
Web Webster
Web Webster
Mar 31, 2016

I astonish all the time when I see the FTP package name. vsftpd which abbreviated to Very Secure File Transfer Demon(vsftpd). But when we see the security prospective of this package there is no much security included with this package. I mean when you login to server the credentials are transferred in plain text. This is the reason by default root user is not allowed to login to ftp server. To eliminate transferring data/user credentials in plain text and to encrypt the entire transmission we can take help from openssl to generate a certificate and use SSL certificate when communicating with FTP server. This is nothing but a FTPS(FTP+SSL cert) server. Some file transfers you should know are.

1. TFTP(Trivial File Transfer Protocol which uses UDP for transmission) ???high data rates/not secure
2. SFTP (This protocol uses SSH in back-end, so you need to run an FTP server) ???secure
3. FTP (This is normal ftp transfer which uses TCP) ???not secure

4. FTPS(FTP+SSL certificate to encrypt data transmission) -secure

5. FTP Over SSH(this is a kind of ftp tunnel on SSH protocol) -secure

In this post we will see how we can configure SSL certificate for VSFTPD to make it secure.

Step 1: Check the following packages on the server and if they are not install please install them.
#yum install openssl
#yum install vsftpd
Step 2: Generate rsa key in /etc/vsftpd folder as shown below.

#cd /etc/vsftpd
#/usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem
The clipped output for your reference
[root@v-itig42 vsftpd]# /usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem
Generating a 1024 bit RSA private key
…………………………………………….++++++
……………………………………++++++
writing new private key to ‘vsftpd.pem’
—–
You are now asked to enter information that will be incorporated into your certificate request. What you are about to enter is called as Distinguished Name or a DN. There are many fields but you can leave some blank. For some fields there will be a default value, If you enter ???.???, the field will be left blank.
Read Full Post http://www.linuxnix.com/ftps-server-configuration/
Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

facebook
linkedin
x

Company

Contact us

Categories

News IT Management Infrastructure Developer Security High Performance Storage Blog

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information