Detailed explanation of the installation steps of FTPS in Linux system

Detailed explanation of the installation steps of FTPS in Linux system

FTPS is an FTP protocol that transmits data through SSL/TLS encryption. It is more secure and reliable than ordinary FTP. Installing and configuring FTPS in a Linux system can improve the security of data transmission. Below we will detail the steps to install FTPS in a Linux system, with specific code examples.

Step 1: Install the vsftpd service

First, we need to install the vsftpd service. vsftpd is a lightweight FTP server that supports the FTPS protocol.

Execute the following command in the terminal to install:

sudo apt-get update
sudo apt-get install vsftpd

Step 2: Configure vsftpd

Next, we need to configure vsftpd to enable the FTPS function. Open the configuration file of vsftpd for editing:

sudo nano /etc/vsftpd.conf

Find the following lines and modify or add them:

ssl_enable=YES
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO

Save and close the file. Then restart the vsftpd service to make the configuration take effect:

sudo service vsftpd restart

Step 3: Generate SSL certificate

In order to make the FTPS connection more secure , we need to generate an SSL certificate. Execute the following command to generate a certificate:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/certs/vsftpd. pem

Step 4: Enable SSL/TLS encryption

Edit the vsftpd configuration file and add or modify the following content to:

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
require_ssl_reuse=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem

Save the file and restart the vsftpd service:

sudo service vsftpd restart

Step 5: Open the firewall port

If the system is equipped with a firewall, the related ports of FTP and FTPS need to be opened. Execute the following command to open the port:

sudo ufw allow 20/tcp
sudo ufw allow 21/tcp
sudo ufw allow 990/tcp
sudo ufw allow 40000:50000/tcp
sudo ufw reload

Step Six: Test FTPS Connection

Now, you can use the FTP client tool to connect to your FTPS server. Make sure to select Use FTPS protocol and enter the corresponding username and password to test whether the connection is successful.

In summary, through the above steps, you have successfully installed and configured the FTPS service in the Linux system, and improved the security of data transmission through SSL/TLS encryption. I wish you a happy use!

The above is the detailed content of Detailed explanation of the installation steps of FTPS in Linux system. For more information, please follow other related articles on the PHP Chinese website!