Securing FTP
Vsftpd is a widely used ftp server, and if you are setting it up on your server for transferring files, then be aware of the security issues that come along. The ftp protocol has weak security inherent to its design. It transfers all data in plain text (unencrypted), and on public/unsecure network this is something too risky.
To fix the issue we have FTPS. It secures FTP communication by encrypting it with SSL/TLS. And this post shows how to setup SSL encryption with vsftpd.
Install vsftpd
Vsftpd is available in the default repositories of all major distros including debian,ubuntu, centos and fedora and can be installed without any hassles. There is only one configuration file named vsftpd.conf that resides in the /etc directory.
# ubuntu/debian
$ sudo apt-get install vsftpd
# centos/fedora
# sudo yum install vsftpd
The remaining is to configure vsftpd to use ssl encryption for the ftp communication. It is just a 2 step process.
Generate a SSL certificate
The first step is to create an ssl certificate and key file that vsftpd is going to use for the encryption. The configuration parameter "rsa_cert_file" shall hold the path to the certificate file. It does have a default value that can be found in the man page.
$...
Read full post here
How to configure vsftpd to use SSL/TLS (FTPS) on CentOS/Ubuntu
Vsftpd is a widely used ftp server, and if you are setting it up on your server for transferring files, then be aware of the security issues that come along. The ftp protocol has weak security inherent to its design. It transfers all data in plain text (unencrypted), and on public/unsecure network this is something too risky.
To fix the issue we have FTPS. It secures FTP communication by encrypting it with SSL/TLS. And this post shows how to setup SSL encryption with vsftpd.
Install vsftpd
Vsftpd is available in the default repositories of all major distros including debian,ubuntu, centos and fedora and can be installed without any hassles. There is only one configuration file named vsftpd.conf that resides in the /etc directory.
# ubuntu/debian
$ sudo apt-get install vsftpd
# centos/fedora
# sudo yum install vsftpd
The remaining is to configure vsftpd to use ssl encryption for the ftp communication. It is just a 2 step process.
Generate a SSL certificate
The first step is to create an ssl certificate and key file that vsftpd is going to use for the encryption. The configuration parameter "rsa_cert_file" shall hold the path to the certificate file. It does have a default value that can be found in the man page.
$...
Read full post here
How to configure vsftpd to use SSL/TLS (FTPS) on CentOS/Ubuntu