FTP Server : Vsftpd Over SSL/TLS

 Enable SSL/TLS for Vsftpd to use secure FTP connections.

[1]. Create self-signed certificates.

But if you use valid certificates like from Let's Encrypt or others, you don't need to create this one.

[root@www ~]# cd /etc/pki/tls/certs

[root@www certs]# openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/pki/tls/certs/vsftpd.pem -out /etc/pki/tls/certs/vsftpd.pem

/certs/vsftpd.pem -out /etc/pki/tls/certs/vsftpd.pem a:2048 -keyout /etc/pki/tls/

Generating a RSA private key

........................+++++

..................+++++

writing new private key to '/etc/pki/tls/certs/vsftpd.pem'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:JP   # country code

State or Province Name (full name) []:Hiroshima    # State

Locality Name (eg, city) [Default City]:Hiroshima  # city

Organization Name (eg, company) [Default Company Ltd]:GTS  # company

Organizational Unit Name (eg, section) []:Server World     # department

Common Name (eg, your name or your server's hostname) []:www.srv.world  # server's FQDN

Email Address []:root@srv.world   # admin's email


[root@www certs]# chmod 600 vsftpd.pem

[2]. Configure Vsftpd. Configure basic settings before it, refer to here.

[root@www ~]# vi /etc/vsftpd/vsftpd.conf

# add to the end : enable SSL/TLS

rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem

ssl_enable=YES

force_local_data_ssl=YES

force_local_logins_ssl=YES

[root@www ~]# systemctl restart vsftpd

FTP Client : CentOS

 

Configure FTP Client to use FTPS connection on CentOS.

[3]. Install FTP Client first, and configure like follows.

[redhat@dlp ~]$ vi ~/.lftprc

# create new

set ftp:ssl-auth TLS

set ftp:ssl-force true

set ftp:ssl-protect-list yes

set ftp:ssl-protect-data yes

set ftp:ssl-protect-fxp yes

set ssl:verify-certificate no

[redhat@dlp ~]$ lftp -u cent www.srv.world

Password:

lftp cent@www.srv.world:~>

Comments

Post a Comment

Popular posts from this blog

Java : Variables Declaring

[1]. Java Variables Variables are containers for storing data values. In Java, there are different types of variables, for example: String - stores text, such as "Hello". String values are surrounded by double quotes int - stores integers (whole numbers), without decimals, such as 123 or -123 float - stores floating point numbers, with decimals, such as 19.99 or -19.99 char - stores single characters, such as 'a' or 'B'. Char values are surrounded by single quotes boolean - stores values with two states: true or false [2]. Declaring (Creating) Variables To create a variable, you must specify the type and assign it a value: Syntax type variable = value ; Where type is one of Java's types (such as int or String), and variable is the name of the variable (such as x or name). The equal sign is used to assign values to the variable. To create a variable that should store text, look at the following example: Example Create a variable called  name  of type  Stri
Read more

SQL Self JOIN

SQL Self JOIN A self JOIN is a regular join, but the table is joined with itself. Self JOIN Syntax SELECT column_name(s) FROM table1 T1, table1 T2 WHERE condition; T1 and T2 are different table aliases for the same table.
Read more