Configuring VSFTPD server for secure connection (TLS / SSL / SFTP)

This article is related to FTP programs, namely VSFTPD on RPM-Based, especially CentOS. Except for installation instructions must be adjusted to the existing Linux distribution.

Traditional FTP is generally not safe, because when you log in with your username and password the transmitted data is in text form, this increases the security gap which can allow the sniffing process on your network by people who are not entitled and with it’s easy to read the data you’re transferring. Therefore there was an addition to the new security for this FTP problem. Here we will make it easy for you to create/configure your VSFTPD server using OpenSSL encryption so that your username and password and even data files will be encrypted during the transfer.

Install VSFTPD server

VSFTPD is the default FTP server that is included by CentOS and RHEL. if you have not installed VSFTPD for the first time, you can use the following command to install VSFTPD:

Create OpenSSL certificate for VSFTPD encryption


Now to use OpenSSL to create a certificate for the VSFTPD server, the certificate file here will be placed in “/ etc / vsftpd”. besides it will determine the age of the certificate, the example here will be set for 1 year (“-days 365”).

To configure VSFTPD you can edit the vsftpd.conf file in the directory “/ etc / vsftpd /”

Restart services VSFTPD server


If you set “force_local_logins_ssl = YES” then your client will be asked to use an FTP client that supports AUTH TLS / SSL to connect. If you set “force_local_logins_ssl = NO” then people can connect securely or insecurity.