1、 install vsftpd server
vsftpd is not secure by default.we have to do a couple of things to make the ftp server bit secure.
After installing and configuring vsftpd,I have created a ftp user called “test” at the first!
So,let us assign root ownership to the “test” user’s home directory “/home/test”
We can run:
Userasdd -d /home/test test
Chown root:root /home/test
we can use the directory to store the ftp file or to be the ftp directory!
Now if we have done this setup,first let us create the required SSL certicates to use tith VSFTPD.to do so ,run the following command from the terminal.
“openssl req -x509 -nodes -day 365 -new key rsa:1024 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem”
Enter the required values!
now we create the ssl certicaties to vsftp configura
we append the line like this in the vsftd config file like /etc/vsftpd/vsftpd.conf
“rsa_cert_file=/etc/ssl/certs/vsftpd.pem”
“rsa_private_key_file=/etc/ssl/private/vsftpd.pem”
“ssl_enable=YES”
“force_local_data_ssl=YES”
“allow_anon_ssl=YES”
“force_local_logins_ssl=YES”
“ssl_tlsv1=YES”
“ssl_tlsv2=NO”
“ssl_tlsv3=NO”
“require_ssl_reuse=NO”
“ssl_ciphers=HIGH”
When modifying the values ,the vsftpd configuration file should look like this:
Save and close the file
Finally ,restart the vsftpd service to take effect the changes
(centos6)service vsftpd restart
(centos7)systemctl restart vsftpfd
Vsftpd configuration with ssl is over,now ,we use wireshark to get the packet.
Now ,though the packet ,we should know the vsftpd with the ssl is complete!
