vsftpd with FTPS

Only a few steps are needed to activate FTPS :

  1. First you must generate an appropriate ssl certificate:
    openssl req -new -x509 -nodes -out vsftpd.pem -keyout vsftpd.pem
  2. Copy the cert to your vsftpd directory:
    cp vsftpd.pem /etc/vsftpd
  3. Add the following to vsftpd.conf:

Once the above configuration is active, system (and “virtual”) users will be required to use a client that supports FTPS. If your server allows Anonymous users, they will only be able to login with plain old FTP. With vsftpd, FTPS is only for authenticated users.