Enable TLS/ssl proftpd Ubuntu/Fedora/Centos

Question: How  to Enable  tls/ssl  in proftpd

Benefits of TLS/SSL

TLS/SSL provides numerous benefits to clients and servers over other methods of authentication, including:

– Strong authentication, message privacy, and integrity
– Interoperability
– Algorithm flexibility
– Ease of deployment
– Ease of use

1- Install  Proftpd and openssl

 apt-get install proftpd openssl
yum install proftpd openssl

 2- Create   SSL Certificates

 mkdir /opt/ssl/
cd   /opt/ssl

3- Generate  ssl certificate  with

 openssl req -new -x509 -days 365 -nodes -out proftpd.cert.pem -keyout proftpd.key.pem
Generating a 2048 bit RSA private key
.....................+++
..........+++
writing new private key to 'proftpd.key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:NL
State or Province Name (full name) []:Adam
Locality Name (eg, city) [Default City]:Adam
Organization Name (eg, company) [Default Company Ltd]:Unixmen
Organizational Unit Name (eg, section) []:Unixmen
Common Name (eg, your name or your server's hostname) []:Unixmen-test
Email Address []:@unixmen.com

4- Enable TLS In ProFTPd

Edit  /etc/proftpf/proftpd.conf or /etc/proftpd.conf (Ubuntu/Centos)

<IfModule mod_tls.c>
TLSEngine                  on
TLSLog                     /var/log/proftpd/tls.log
TLSProtocol                SSLv23
TLSOptions                 NoCertRequest
TLSRSACertificateFile      /opt/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile   /opt/ssl/proftpd.key.pem
TLSVerifyClient            off
TLSRequired                on
</IfModule>

5- Check if  proftpd ready with:

# proftpd -vv
ProFTPD Version: 1.3.3g (maint)
Scoreboard Version: 01040003
Built: Thu Nov 10 2011 16:20:47 UTC
Loaded modules:
mod_lang/0.9
mod_ctrls/0.9.4
mod_cap/1.0
mod_vroot/0.9.2
mod_tls/2.4.2
mod_auth_pam/1.1
mod_readme.c
mod_ident/1.0
mod_dso/0.5
mod_facts/0.1
mod_delay/0.6
mod_site.c
mod_log.c
mod_ls.c
mod_auth.c
mod_auth_file/0.8.3
mod_auth_unix.c
mod_xfer.c
mod_core.c

6- Now   start proftpd

 /etc/init.d/proftpd  start
Starting proftpd:                                          [  OK  ]

and is done!