FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to configure PureFTPd to accept TLS sessions on a Debian Lenny server.<\/p>\n
OpenSSL is needed by TLS; to install OpenSSL, we simply run (verify version or if installed \/ openssl version<\/strong>) :<\/p>\n If you want to allow FTP and<\/b> TLS sessions, run<\/p>\n If you want to accept TLS sessions only (no FTP), run<\/p>\n instead.<\/p>\n To not allow TLS at all (only FTP), either delete \/etc\/pure-ftpd\/conf\/TLS or run<\/p>\n <\/p>\n In order to use TLS, we must create an SSL certificate. I create it in \/etc\/ssl\/private\/, therefore I create that directory first:<\/p>\n Afterwards, we can generate the SSL certificate as follows:<\/p>\n Country Name (2 letter code) [AU]: <– Enter your Country Name (e.g., “DE”). Change the permissions of the SSL certificate:<\/p>\n Finally restart PureFTPd:<\/p>\n That’s it. You can now try to connect using your FTP client; however, you should configure your FTP client to use TLS\/SSL explicit encryption.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article...<\/p>\n","protected":false},"author":1,"featured_media":2843,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[34,14],"tags":[],"youtube_video":null,"_links":{"self":[{"href":"https:\/\/www.extradrm.com\/index.php?rest_route=\/wp\/v2\/posts\/2758"}],"collection":[{"href":"https:\/\/www.extradrm.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.extradrm.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.extradrm.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.extradrm.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2758"}],"version-history":[{"count":0,"href":"https:\/\/www.extradrm.com\/index.php?rest_route=\/wp\/v2\/posts\/2758\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.extradrm.com\/index.php?rest_route=\/wp\/v2\/media\/2843"}],"wp:attachment":[{"href":"https:\/\/www.extradrm.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.extradrm.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.extradrm.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}aptitude install openssl<\/pre>\n
2 Configuring PureFTPd<\/h3>\n
echo 1 > \/etc\/pure-ftpd\/conf\/TLS<\/pre>\n
echo 2 > \/etc\/pure-ftpd\/conf\/TLS<\/pre>\n
echo 0 > \/etc\/pure-ftpd\/conf\/TLS<\/pre>\n
3 Creating The SSL Certificate For TLS<\/h3>\n
mkdir -p \/etc\/ssl\/private\/<\/pre>\n
openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout \/etc\/ssl\/private\/pure-ftpd.pem -out \/etc\/ssl\/private\/pure-ftpd.pem<\/pre>\n
\nState or Province Name (full name) [Some-State]:<– Enter your State or Province Name.
\nLocality Name (eg, city) []:<– Enter your City.
\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:<– Enter your Organization Name (e.g., the name of your company).
\nOrganizational Unit Name (eg, section) []:<– Enter your Organizational Unit Name (e.g. “IT Department”).
\nCommon Name (eg, YOUR name) []:<– Enter the Fully Qualified Domain Name of the system (e.g. “server1.example.com”).
\nEmail Address []:<– Enter your Email Address.<\/p>\nchmod 600 \/etc\/ssl\/private\/pure-ftpd.pem<\/pre>\n
\/etc\/init.d\/pure-ftpd-mysql restart<\/pre>\n