[CentOS] Definitive guide to setting up FTPIS on vsftpd
Kenneth Porter
shiva at sewingwitch.com
Thu May 31 17:17:59 UTC 2018
On 5/31/2018 8:01 AM, Frank M. Ramaekers wrote:
> I have a new CentOS 7.4 (recently upgraded to 7.5) system that I have been struggling with in configuring vsftpd for FTPS Implicit (port 990).
> (The latest instructions I've used are at:https://www.unixmen.com/configure-vsftpd-ssltls-centos-7/)
Here's what I'm using. The tutorial site I used is currently down with a
bandwidth exceeded warning, so I guess it must be quite popular.
I'm using LetsEncrypt certificates. My site domain is replaced with
example.com. Use your own domain name there as registered with LetsEncrypt.
# see
# http://beginlinux.com/blog/2009/01/secure-ftp-with-ssl-on-centos/
rsa_cert_file=/etc/letsencrypt/live/example.com/fullchain.pem
rsa_private_key_file=/etc/letsencrypt/live/example.com/privkey.pem
ssl_enable=YES
force_local_logins_ssl=NO
force_local_data_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
# limit pasv ports to range that iptables can check
pasv_min_port=6900
pasv_max_port=6969
# added 20120213 to deal with FileZilla 3.5.3 stricter cipher list
# see http://forum.filezilla-project.org/viewtopic.php?f=2&t=23275
ssl_ciphers=HIGH
dual_log_enable=YES
allow_writeable_chroot=YES
user_sub_token=$USER
More information about the CentOS
mailing list