{"id":379,"date":"2020-11-23T11:56:25","date_gmt":"2020-11-23T11:56:25","guid":{"rendered":"http:\/\/velaninfo.com\/resources\/?post_type=techtips&#038;p=379"},"modified":"2023-12-07T18:02:29","modified_gmt":"2023-12-07T18:02:29","slug":"how-to-configure-vsftpd-with-ssl","status":"publish","type":"techtips","link":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/","title":{"rendered":"How To Configure VSFTPD With SSL?"},"content":{"rendered":"<p>This document discusses how to configure vsftpd to work with SSL encryption.<\/p>\n<p><strong>Requirement:<\/strong><\/p>\n<ol>\n<li>SSL certificate<\/li>\n<li>VSFTPD Server<\/li>\n<\/ol>\n<p>If you do not know how to install a VSFTPD server, please click on the link <a href=\"https:\/\/www.velaninfo.com\/resources\/techtips\/how-to-install-and-configure-vsftpd\/\">How to Install VSFTPD<\/a><\/p>\n<p><strong>Please follow the below steps<\/strong><\/p>\n<ol>\n<li>Prepare a place for the SSL key to live:<\/li>\n<\/ol>\n<p><code>mkdir \/etc\/ssl\/private<\/code><\/p>\n<ol start=\"2\">\n<li>For this example, we are using a configure vsftpd self-signed SSL<\/li>\n<\/ol>\n<p><code>openssl req \u2013x509 \u2013nodes \u2013days 365 \u2013newkey rsa:2048 \u2013keyout<br \/>\n\/etc\/ssl\/private\/vsftpd.key \u2013out \/etc\/ssl\/certs\/vsftpd.crt<\/code><br \/>\nNote: if you have purchased a SSL, you can put the key in the \/etc\/ssl\/private\/vsftpd.key and the certificate in \/etc\/ssl\/certs\/vsftpd.crt<\/p>\n<ol start=\"3\">\n<li>Configure vsftpd server to use this certificate<\/li>\n<\/ol>\n<p><code>vim \/etc\/vsftpd\/vsftpd.conf<\/code><br \/>\nYou can use any editor you prefer instead of vim<\/p>\n<ol start=\"4\">\n<li>Add the below configurations at the bottom of the config file available at \/etc\/vsftpd\/vsftpd.conf<\/li>\n<\/ol>\n<p><code>ssl_enable=YES<\/code><br \/>\n(This option enables SSL support for vsftpd)<\/p>\n<p><code>allow_anon_ssl=NO<\/code><br \/>\n(Prevent anonymous SSL\/TLS encrypted login)<\/p>\n<p><code>force_local_data_ssl=YES<br \/>\nforce_local_logins_ssl=YES<\/code><br \/>\n(To force SSL\/TLS encryption of both your username\/password and your data to keep it safe.)<\/p>\n<p><code>ssl_tlsv1_1=YES<br \/>\nssl_tlsv1_2=YES<\/code><br \/>\n(Use the stronger, better, encryption offered by TLS 1.1 and 1.2.)<\/p>\n<p><code>ssl_tlsv1=NO<\/code><br \/>\n(TLS 1.0 is getting a little more insecure than we would like, so we are going to disable it. Some of the older ftp clients may not be compatible with newer version of TLS and may require this option to be set as \u201cYES\u201d)<\/p>\n<p><code>ssl_sslv2=NO<br \/>\nssl_sslv3=NO<\/code><br \/>\n(SSLv2 and SSLv3 is set as disable to protect for BEAST and POODLE vulnerabilities)<\/p>\n<p>(Continuing our security improvements we are going to add some additional protection against Man In The Middle (MITM) attacks by enabling the following. Older FTP client may be incompatible. If you see a connection loss set this option to \u201cNO\u201d)<\/p>\n<p><code>require_ssl_reuse=YES<\/code><br \/>\n(This will require the server to use stronger cipher suites.)<\/p>\n<p><code>ssl_ciphers=HIGH<\/code><br \/>\n(Lastly, our crt and key file.)<\/p>\n<p><code>rsa_cert_file=\/etc\/ssl\/certs\/vsftpd.crt<br \/>\nrsa_private_key_file=\/etc\/ssl\/private\/vsftpd.key<\/code><\/p>\n<ol start=\"5\">\n<li>Save and exit from the editor<\/li>\n<li>Now that we have added to the configuration file, we should restart the vsftpd server<\/li>\n<\/ol>\n<p><code>Systemctl restart vsftpd<\/code><br \/>\nor<br \/>\n<code>service restart vsftpd<\/code><br \/>\nSSL encryption is one of the leading forms of protecting data in transit to your server.<\/p>\n<p>At <a href=\"https:\/\/www.velaninfo.com\/\">Velan<\/a>, our server support engineers can help you setup your SSL based ftp server using vsftpd. For details, please visit <a href=\"https:\/\/www.velaninfo.com\/mservices\/managed-it-services\"><strong>Outsourced Managed IT Services<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>At Velan, our server support engineers can help you setup your SSL based ftp server using vsftpd. For details, please visit https:\/\/www.velaninfo.com\/mservices\/managed-it-services<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"footnotes":""},"tags":[],"class_list":["post-379","techtips","type-techtips","status-publish","hentry","Categories_tech_tip-linux","Categories_tech_tip-security","Categories_tech_tip-server"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v19.5 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How To Configure VSFTPD With SSL? - Velan<\/title>\n<meta name=\"description\" content=\"Securely configure VSFTPD with SSL for enhanced FTP security. Follow our step-by-step guide to optimize file transfer protocol settings\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How To Configure VSFTPD With SSL?\" \/>\n<meta property=\"og:description\" content=\"Securely configure VSFTPD with SSL for enhanced FTP security. Follow our step-by-step guide to optimize file transfer protocol settings\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/\" \/>\n<meta property=\"og:site_name\" content=\"Velan\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-07T18:02:29+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/how-to-configure-vsftpd-with-ssl\\\/\",\"url\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/how-to-configure-vsftpd-with-ssl\\\/\",\"name\":\"How To Configure VSFTPD With SSL? - Velan\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/#website\"},\"datePublished\":\"2020-11-23T11:56:25+00:00\",\"dateModified\":\"2023-12-07T18:02:29+00:00\",\"description\":\"Securely configure VSFTPD with SSL for enhanced FTP security. Follow our step-by-step guide to optimize file transfer protocol settings\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/how-to-configure-vsftpd-with-ssl\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/how-to-configure-vsftpd-with-ssl\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/how-to-configure-vsftpd-with-ssl\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tech Tips\",\"item\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How To Configure VSFTPD With SSL?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/#website\",\"url\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/\",\"name\":\"Velan\",\"description\":\"Velaninfo Services India Pvt Ltd\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How To Configure VSFTPD With SSL? - Velan","description":"Securely configure VSFTPD with SSL for enhanced FTP security. Follow our step-by-step guide to optimize file transfer protocol settings","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/","og_locale":"en_US","og_type":"article","og_title":"How To Configure VSFTPD With SSL?","og_description":"Securely configure VSFTPD with SSL for enhanced FTP security. Follow our step-by-step guide to optimize file transfer protocol settings","og_url":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/","og_site_name":"Velan","article_modified_time":"2023-12-07T18:02:29+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/","url":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/","name":"How To Configure VSFTPD With SSL? - Velan","isPartOf":{"@id":"https:\/\/www.velaninfo.com\/rs\/#website"},"datePublished":"2020-11-23T11:56:25+00:00","dateModified":"2023-12-07T18:02:29+00:00","description":"Securely configure VSFTPD with SSL for enhanced FTP security. Follow our step-by-step guide to optimize file transfer protocol settings","breadcrumb":{"@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/how-to-configure-vsftpd-with-ssl\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.velaninfo.com\/rs\/"},{"@type":"ListItem","position":2,"name":"Tech Tips","item":"https:\/\/www.velaninfo.com\/rs\/techtips\/"},{"@type":"ListItem","position":3,"name":"How To Configure VSFTPD With SSL?"}]},{"@type":"WebSite","@id":"https:\/\/www.velaninfo.com\/rs\/#website","url":"https:\/\/www.velaninfo.com\/rs\/","name":"Velan","description":"Velaninfo Services India Pvt Ltd","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.velaninfo.com\/rs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips\/379","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips"}],"about":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/types\/techtips"}],"author":[{"embeddable":true,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/comments?post=379"}],"version-history":[{"count":6,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips\/379\/revisions"}],"predecessor-version":[{"id":2062,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips\/379\/revisions\/2062"}],"wp:attachment":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/media?parent=379"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/tags?post=379"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}