How to Install ProFTPd + TLS On Ubuntu/debian/mint

by
Share this Article: Facebook0Google+0Twitter0LinkedIn0Reddit0StumbleUpon0

The TLS protocol allows client/server applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery. TLS provides endpoint authentication and communications confidentiality over the Internet using cryptography. TLS provides RSA security with 1024 and 2048 bit strengths.

ProFTPD is a FTP server, it uses only one configuration file “/etc/proftpd.conf”. The ProFTPD config file is very similar to Apache’s config file. It can be used to configure multiple virtual FTP servers easily, and has chroot capabilities depending on the underlying filesystem. It can run as standalone server or inetd service. It’s able to work over IPv6.

 



Its design is modular, which enabled writing SSL/TLS encryption, RADIUS, LDAP and SQL extensions as modules.

In this tutorial we will show you how to install Proftpd+TLS

Now let`s install protpd , so open a terminal and type the command :

Sudo   apt-get    install  propftpd  openssl

Now we have to edit  proftpd config file

vi /etc/proftpd/proftpd.conf

Add this

DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."

Now Create  this  directory;

mkdir /etc/proftpd/openssl

 

and generate the SSL certificate with this command :

openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/openssl/proftpd.cert.pem -keyout /etc/proftpd/openssl/proftpd.key.pem

you will get  something  like  to apply :

Country Name (2 letter code) [AU]: 
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []: <-- Enter your Email Address.


Now  enable  TLS In ProFTPd, to do that edit proftpd config file   :

vi /etc/proftpd/proftpd.conf

and  add

Include /etc/proftpd/tls.conf


now   open /etc/proftpd/tls.conf

vi /etc/proftpd/tls.conf

and  add


TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv23
TLSOptions NoCertRequest
TLSRSACertificateFile /etc/proftpd/openssl/proftpd.cert.pem
TLSRSACertificateKeyFile /etc/proftpd/openssl/proftpd.key.pem
TLSVerifyClient off
TLSRequired on


Now  restart   the  proftpd  server:

/etc/init.d/proftpd restart

Start   your ftp  client  and  connect

Enjoy

For questions please refer to our Q/A forum at : http://ask.unixmen.com/

Share this Article: Facebook0Google+0Twitter0LinkedIn0Reddit0StumbleUpon0