Comments on How to install ProFTPd with TLS support on Ubuntu 15.04

FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to set up ProFTPd with TLS on an Ubuntu 15.04 server, how to add an FTP user and to use FileZilla to connect securely with TLS.

4 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: Hans van Eijsden
Reply  

SSLv23 is very insecure, you should disable it. On https://cipherli.st you can see the following snippet, the best:

TLSEngine on TLSLog /var/ftpd/tls.log TLSProtocol TLSv1.2 TLSRequired on TLSCipherSuite AES128+EECDH:AES128+EDH TLSRSACertificateFile /etc/proftpd.cert TLSRSACertificateKeyFile /etc/proftpd.key

By: till
Reply  

Thank you for the reminder. I had planned to change the cipher list and protocol but missed it before I published the guide. I fixd that now.

By: spam
Reply  

Thanks for this, but I'm still confused why people are using anything besides openssh-server with sftp?  Doesn't FTPS allow the client to reject the encryption?

By: till
Reply  

The option "TLSRequired on" in the above tutorial forces the client to use TLS and the server rejects unencrypted connections, so all connections are encrypted.