How to install TLS for FTP

CentOS Web Panel is deployed in Contact us to find out our latest offers!

As now all is moving to https it’s also good to enable SSL/TLS for FTP to protect plain text login credentials.
Our instruction will guide you to install and configure pure-ftpd to use SSL/TLS.

Requirements: Hostname certificate already installed, check that these files exist:
/etc/pki/tls/private/hostname.key
/etc/pki/tls/certs/hostname.crt

Create Certificate File for pure-ftpd

cat /etc/pki/tls/private/hostname.key > /etc/pki/tls/private/pure-ftpd.pem
cat /etc/pki/tls/certs/hostname.crt >> /etc/pki/tls/private/pure-ftpd.pem
chmod 600 /etc/pki/tls/private/pure-ftpd.pem

Edit File: /etc/pure-ftpd/pure-ftpd.conf end set this values:

TLS 1
TLSCipherSuite HIGH
CertFile /etc/pki/tls/private/pure-ftpd.pem

Available options :
TLS 0 : disable SSL/TLS encryption layer (default on install).
TLS 1 : accept both traditional and encrypted sessions.
TLS 2 : refuse connections that don’t use SSL/TLS security mechanisms, including anonymous sessions.

In the latest centos7 version 0.9.8.757+ you can install it with command:

sh /scripts/install_pure-ftpd_tls

How to connect
FileZilla example details
Host: ftpes://HOSTNAME
Username: USERNAME
Password: PASSWORD
Port: 21

CentOS Web Panel is deployed in Contact us to find out our latest offers!

Comments are closed.