Allow FTP only via SSL

Triple3 · 04-23-2018, 07:36 AM

Good morning,

I set up a VSFTPD server with a single virtual user. Everything works fine, I can connect via its public IP inFTPS.

My problem is that I want to disable the unsecured connection i.e. FTP connection. For that I modified the vsftpd.conf with the following parameters :

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
b]force_local_logins_ssl=YES[/b]

This is where it doesn't work, since when I want to connect via public IP with the YES variable above it doesn't work and returns the message "non anonymous sessions must use encryption online ssl" to me

My question is: How can I restrict my FTP only with FTPS access and make any connection impossible without the SSL layer?
If someone's already set this up, or knows the solution!
Thanks in advance

!

Translated with www.DeepL.com/Translator

bathory · 04-24-2018, 03:30 AM

Quote:

This is where it doesn't work, since when I want to connect via public IP with the YES variable above it doesn't work and returns the message "non anonymous sessions must use encryption online ssl" to me

My question is: How can I restrict my FTP only with FTPS access and make any connection impossible without the SSL layer?

You can use the following in order to allow only FTPS connections on port 990:

Code:

implicit_ssl=YES 
listen_port=990

Regards