更新时间:2021-02-22 18:17:00
有时我们使用FTP进行连接时,需要对信息进行加密,即使用SSL或者TSL进行连接。这时需要用到OpenSSL安装配置好SSL之后,需要安装OpenSSL
wget http://www.openssl.org/source/openssl-1.0.2g.tar.gz
tar -xvzf openssl-1.0.1f.tar.gz
cd openssl-1.0.1f
./config
make
make install
mkdir -p /etc/ssl/certs
chmod 700 /etc/ssl/certs
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/ssl/certs/vsftpd.pem -out /etc/ssl/certs/vsftpd.pem
# Turn on SSL
ssl_enable=YES
# Allow anonymous users to use secured SSL connections
allow_anon_ssl=YES
# All non-anonymous logins are forced to use a secure SSL connection in order to
# send and receive data on data connections.
force_local_data_ssl=YES
force_anon_data_ssl=YES
# All non-anonymous logins are forced to use a secure SSL connection in order to send the password.
force_local_logins_ssl=YES
force_anon_logins_ssl=YES
# Permit TLS v1 protocol connections. TLS v1 connections are preferred
ssl_tlsv1=YES
# Permit SSL v2 protocol connections. TLS v1 connections are preferred
ssl_sslv2=NO
# permit SSL v3 protocol connections. TLS v1 connections are preferred
ssl_sslv3=NO
# Disable SSL session reuse (required by WinSCP)
require_ssl_reuse=NO
# Select which SSL ciphers vsftpd will allow for encrypted SSL connections (required by FileZilla)
ssl_ciphers=HIGH
# This option specifies the location of the RSA certificate to use for SSL
# encrypted connections.
rsa_cert_file=/etc/ssl/cert/vsftpd.pem
这样一个可加密的FTP服务器就搭建好了。