Como instalar ProFTPd com TLS no openSUSE 13.2

This document describes how to install a ProFTPd server with OpenSuse 13.2. I will include TLS connections. TLS provides endpoint authentication and communications confidentiality over the Internet using cryptography. TLS provides RSA security with 1024 e 2048 bit strengths.

ProFTPD is a FTP server, it uses only one configuration file “/etc/proftpd/proftpd.conf”. The ProFTPD config file is very similar to Apache’s config file. It can be used to configure multiple virtual FTP servers easily, and has chroot capabilities depending on the underlying filesystem. It can run as standalone server or inetd service. It’s able to work over IPv6.

1 Nota preliminar

Neste tutorial eu uso o nome do host com o endereço de IP Essas configurações podem ser diferentes para você, so you have to substituir them where appropriate. You must have a basic Open Suse installation before moving ahead as described in this tutorial.

2 Install ProFTPd

Now let`s install protpd , so open a terminal and type the command :

zypper install proftpd opensl

Now we have to edit proftpd config file:

nano /etc/proftpd/proftpd.conf

Add the entries at end of the file as:

DefaultRoot ~ IdentLookups off ServerIdent on "FTP Servidor ready."

Now we will make the directory for certificate as follows:

mkdir /etc/proftpd/openssl

Next task is to generate the SSL certificate with this command:

openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/openssl/proftpd.cert.pem -keyout /etc/proftpd/openssl/proftpd.key.pem

Fill the entries as follows:

Country Name (2 letter code) [XX]: <-- Enter your Country Name (e.g., "DE").
State or Province Name (full name) []:
<-- Enter your State or Province Name.
Locality Name (eg, city) [Default City]:
<-- Enter your City.
Organization Name (eg, company) [Default Company Ltd]:
<-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []:
<-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, your name or your server's hostname) []:
<-- Enter the Fully Qualified Domain Name of the system (e.g. "").
Email Address []:
<-- Enter your Email Address.

Now we need to enable the TLS in ProFTPd as by adding the entry in the ProFTPd configuration file.

nano /etc/proftpd/proftpd.conf

Add the entries at last as:

Include /etc/proftpd/tls.conf

Now we will add the entries for the file tls.conf:

nano /etc/proftpd/tls.conf

 TLSEngine                  on TLSLog                     /var/log/proftpd/tls.log TLSProtocol                SSLv23 TLSOptions                 NoCertRequest TLSRSACertificateFile      /etc/proftpd/openssl/proftpd.cert.pem TLSRSACertificateKeyFile   /etc/proftpd/openssl/proftpd.key.pem TLSVerifyClient            off TLSRequired                on

We will create the TLS log file manually as:

touch /var/log/proftpd/tls.log

Be sure to comment out the following lines in order to allow ftp users to CHMOD:

 [...] # Bar use of SITE CHMOD by default #<Limit SITE_CHMOD> #  DenyAll #</Limite> [...]

Next we need to add the entries to the boot and start the service of ProFTPd as:

systelctl enable proftpd.service
systemctl restart proftpd.service

This will make us ready for the FTP connection.

3 FTP Client

In order to use FTP over TLS, we can use FTP client as Filezilla. It can be downloaded over from the original repository of the distribution or from the ligação

Deixe uma resposta

Este site usa Akismet para reduzir o spam. Saiba como seus dados comentário é processado.

Nós usamos cookies para lhe dar a melhor experiência on-line. Ao concordar você aceitar o uso de cookies de acordo com nossa política de cookies.