How to install ProFTPd with TLS on Debian Linux Server

Valic —  November 1, 2012 — 1 Comment

In this giude I will show you how to install and use ProFTPd with TLS on Debian Linux Server.

FTP protocol is insecure because all passwords and data are transferred in clear text, but with TSL all date can be encrypted and that makes FTP much secure.

Step1. Install ProFTPd and OpenSSL.

apt-get install proftpd-basic openssl

When you will be asked to choose  standalone or from inetd choose standalone.(see photo)

Proftpd standalone

Step2. Create  SSL certificate that will be used for TLS.

First create SSL folder. Here will be stored SSL certificates:

mkdir  -p /etc/proftpd/ssl

Now generate the SSL certificate using the following command:

openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem

Country Name (2 letter code) [AU]:  Here enter your country.
State or Province Name (full name) [Some-State]: Here  enter your state or province name.
Locality Name (eg, city) []: here enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: here  enter your Organization Name.
Organizational Unit Name (eg, section) []: here enter your organizational unit name.
Common Name (eg, YOUR name) []: here  enter your system name.
Email Address []: here enter your email address.

 

Step3. Enabe TLS In ProFTPd.

To enable TSL you need to uncomment the Include /etc/proftpd/tls.conf line from proftpd.conf. You can do that using the follwoing command:

sed -i ‘s/^#Include \/etc\/proftpd\/tls.conf/Include \/etc\/proftpd\/tls.conf/’  /etc/proftpd/proftpd.conf

The next step is to edit the tls.conf file.You can do that using the following commands:

sed -i -e ‘s/#TLSEn/TLSEn/’ -e ‘s/#TLSPro/TLSPro/’ -e ‘s/#TLSLog/TLSLog/’ -e ‘s/#TLSOpt/TLSOpt/’ -e ‘/TLSRSA/d’ -e ‘s/#TLSVeri/TLSVeri/’ -e ‘s/#TLSRe/TLSRe/’  /etc/proftpd/tls.conf

sed -i -e ‘/<\/IfMod/i \TLSRSACertificateFile      \/etc\/proftpd\/ssl/proftpd.cert.pem ‘ -e ‘/<\/IfMod/i \TLSRSACertificateKeyFile   \/etc/proftpd\/ssl\/proftpd.key.pem ‘  /etc/proftpd/tls.conf

OR:

Open the file with a text editor and modify it as follows:
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv23
TLSOptions NoCertRequest
TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem
TLSVerifyClient off
TLSRequired on
</IfModule>

Step4. Create a user for ProFTPd Server.

useradd ftp_user -p your_password -d /home/ftp_folder
passwd ftp_user

Step5. Restart Server

/etc/init.d/proftpd restart

NOTE: Don’t forget to configure your FTP client to use TLS connection.

Valic

Posts Twitter Facebook

Editor in Chief at Debian-Tutorials, Linux enthusiast.

One response to How to install ProFTPd with TLS on Debian Linux Server

  1. Thank you.

Leave a Reply