Full documentation to configure FTP server with proftpd is provided at http://www.proftpd.org. Here we confirm the configuration in practice.
In addition to the default configuration in Omarine, you add the configuration directives below.
First, load the mod_tls module
Then add the section <IfModule mod_tls.c>. The directives for the configuration have comments attached to explain:
# Support both SSLv3 and TLSv1
TLSProtocol SSLv3 TLSv1
# We don't require clients to use FTP over TLS
# Server's RSA certificate, assume your server certificate file is server-cert.pem
# and the certificate's private key file is server-key.pem
# CA certificate file of the server, assume server.ca-bundle
# Do not authenticate clients over TLS
# Do not force SSL/TLS renegotiations
# Relax the requirement that the SSL session be reused for data transfers
Which client works with the FTP server over TLS?
FileZilla is one of the most suitable clients. You can use the binary version or build it from source for use in Omarine. I am also using FileZilla.
Configuring the log
This is a supplement to the proftpd configuration in general. We often want to record anonymous activities. You add the following directive to the section <Anonymous ~ ftp>:
ExtendedLog /var/log/ftp.log read, write
Below is an example of the content being logged
Share on Twitter
Share on Facebook
Can't see mail in Inbox? Check your Spam folder.