How to install FTPS service on Linux system

Installing FTPS service on a Linux system is a common operation to ensure secure file transfer. FTPS is based on the FTP protocol and adds SSL/TLS encryption during the transmission process to improve the security of data transmission. This article will introduce how to install, configure and start the FTPS service on a Linux system, and provide specific code examples.

Step 1: Install vsftpd service

First, we need to install the vsftpd software package, which is a popular FTP server software. Execute the following command in the terminal to install vsftpd:

sudo apt-get update
sudo apt-get install vsftpd

Step 2: Configure vsftpd

1. Edit the vsftpd configuration file/etc/vsftpd.conf：

sudo vi /etc/vsftpd.conf

2. Make sure the value of the following parameters is:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
ssl_enable=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

3. Save and exit the editor.

Step 3: Configure SSL/TLS certificate

1. Generate SSL/TLS certificate:

sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/certs/vsftpd.pem -days 365

2. Set file permissions:

sudo chmod 600 /etc/ssl/private/vsftpd.pem
sudo chmod 600 /etc/ssl/certs/vsftpd.pem

Step 4: Restart the vsftpd service

Execute the following command to restart the vsftpd service to make the configuration take effect:

sudo service vsftpd restart

Step 5: Firewall settings

If there is a firewall on the system, make sure to open the relevant ports for FTP transmission, usually ports 20 and 21:

sudo ufw allow 20 /tcp
sudo ufw allow 21/tcp

Step 6: Test the FTPS service

Now, you can use the FTP client to connect to your Linux server and test the FTPS service. When connecting, make sure to use TLS encryption.

Conclusion

Through the above steps, you have successfully installed, configured and tested the FTPS service on the Linux system. In practice, you can adjust the configuration as needed and further enhance security. Hope this article helps you!

The above is the detailed content of How to install FTPS service on Linux system. For more information, please follow other related articles on the PHP Chinese website!