How to Configure vsftpd for Secure Connections using OpenSSL
1. Install vsftpd using RPM.
[root@linux] rpm -Uvh vsftpd-2.0.1-5.EL4.3.i386.rpm
2. Now generate a certificate with OpenSSL using the following command:
[root@linux] openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem
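This prompts for a series of questions that you need to answer. The certificate is then ready to use in the /etc/vsftpd/ directory. Because -keyout and -out name the same file and -nodes is given, vsftpd.pem holds both the certificate and the unencrypted private key.
3. In the last step, edit /etc/vsftpd/vsftpd.conf and add the following lines at the end of the file.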
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
Now restart the vsftpd service for these settings to take effect.
[root@linux] /etc/rc.d/init.d/vsftpd restart
The certificate is ready to use.
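One way to check the result of step 3, as an added example that is not part of the original page: the script audits a vsftpd.conf for the TLS directives listed above and flags settings that leave cleartext possible, such as force_local_logins_ssl=NO and force_local_data_ssl=NO, which make TLS optional for clients. The function names and the temporary sample file are assumptions of this example; defaults for absent directives are the ones in the vsftpd.conf man page.

```shell
#!/bin/sh
# Added example: audit the TLS directives that step 3 appends to vsftpd.conf.
# Defaults for absent directives follow the vsftpd.conf man page.

# True when boolean directive $2 in file $1 is on; $3 is its default.
# Assumption: the last occurrence of a directive is the effective one.
conf_on() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '[:space:]' | tr '[:lower:]' '[:upper:]')
    case "${val:-$3}" in YES|TRUE|1) return 0 ;; *) return 1 ;; esac
}

note() { echo "FINDING: $1"; findings=$((findings + 1)); }

# Print one line per finding; return 0 only when there are none.
audit_vsftpd_tls() {
    conf=$1; findings=0
    if ! conf_on "$conf" ssl_enable NO; then
        note "ssl_enable is off: logins and data travel in cleartext"
    fi
    if ! conf_on "$conf" force_local_logins_ssl YES; then
        note "force_local_logins_ssl=NO: clients can still send passwords without TLS"
    fi
    if ! conf_on "$conf" force_local_data_ssl YES; then
        note "force_local_data_ssl=NO: clients can still transfer files without TLS"
    fi
    for proto in ssl_sslv2 ssl_sslv3; do
        if conf_on "$conf" "$proto" NO; then note "$proto=YES: obsolete protocol enabled"; fi
    done
    # Step 2 writes the unencrypted private key (-nodes) into the certificate file,
    # so it must not be accessible to group or other.
    cert=$(sed -n 's/^rsa_cert_file=//p' "$conf" | tail -n 1)
    if [ -n "$cert" ] && [ -e "$cert" ]; then
        case $(ls -ldL "$cert" | cut -c5-10) in
            ------) ;;
            *) note "$cert contains the private key and is accessible to group/other" ;;
        esac
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample input: the directives from step 3, written to a temp file.
demo=$(mktemp)
printf '%s\n' ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=NO \
    force_local_logins_ssl=NO ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO \
    rsa_cert_file=/etc/vsftpd/vsftpd.pem > "$demo"
audit_vsftpd_tls "$demo" || true
rm -f "$demo"
```

On a real server, call audit_vsftpd_tls /etc/vsftpd/vsftpd.conf; setting both force_local_* directives to YES and restricting vsftpd.pem to mode 600 clears the findings for the configuration shown in step 3.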