As now all is moving to https it's also good to enable SSL/TLS for FTP to protect plain text login credentials.
Our instruction will guide you to install and configure pure-ftpd to use SSL/TLS.
Requirements: Hostname certificate already installed, check that these files exist:
/etc/pki/tls/private/hostname.key
/etc/pki/tls/certs/hostname.crt
Create Certificate File for pure-ftpd
cat /etc/pki/tls/private/hostname.key > /etc/pki/tls/private/pure-ftpd.pem cat /etc/pki/tls/certs/hostname.crt >> /etc/pki/tls/private/pure-ftpd.pem chmod 600 /etc/pki/tls/private/pure-ftpd.pem
Edit File: /etc/pure-ftpd/pure-ftpd.conf end set this values:
TLS 1 TLSCipherSuite HIGH CertFile /etc/pki/tls/private/pure-ftpd.pem
Available options :
TLS 0 : disable SSL/TLS encryption layer (default on install).
TLS 1 : accept both traditional and encrypted sessions.
TLS 2 : refuse connections that don't use SSL/TLS security mechanisms, including anonymous sessions.
In the latest centos7 version 0.9.8.757+ you can install it with command:
sh /scripts/install_pure-ftpd_tls
How to connect
FileZilla example details
Host: ftpes://HOSTNAME
Username: USERNAME
Password: PASSWORD
Port: 21