{"id":3678,"date":"2016-01-06T08:32:32","date_gmt":"2016-01-06T08:32:32","guid":{"rendered":"https:\/\/blog.ed.gs\/?p=3678"},"modified":"2016-01-06T08:32:32","modified_gmt":"2016-01-06T08:32:32","slug":"pure-ftpd-with-ftps-over-tls","status":"publish","type":"post","link":"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/","title":{"rendered":"Pure-FTPD With FTPS Over TLS"},"content":{"rendered":"
I recently had to set up FTPS for a client as SFTP wasn’t an option. The benefit of FTPS with Pure-FTPD is the ability to save files as another user when uploading files. Here’s how to do it:<\/p>\n
<\/p>\n
Give ourselves root privileges<\/em><\/p>\n <\/p>\n For Debian\/Ubuntu:<\/strong><\/p>\n Update our aptitude cache<\/em><\/p>\n Install openssl and Pure-FTPD<\/em><\/p>\n <\/p>\n For Centos\/Fedora\/Redhat<\/strong><\/p>\n Update our yum cache<\/em><\/p>\n Install openssl and Pure-FTPD<\/em><\/p>\n <\/p>\n <\/p>\n Add a new user for which we want to use to log in, set their home directory that they’ll see when they log in and set their primary group as the owner of the files in that directory<\/em><\/p>\n Set a password for the new user, remember this as we’ll need to set it later to<\/em><\/p>\n The next two commands are important as they’ll display the users UID, which we need later on; make a note of both users’ UID<\/em><\/p>\n <\/p>\n Create the Pure-FTPD user database and set the details to the same as the adduser stage above, use the same password as the previous user creation also<\/p>\n <\/p>\n Make a new directory and create an SSL certificate, enter details as you wish when creating the SSL certificate, set Common Name to your servers hostname<\/em><\/p>\n Make the certificate readable be root only<\/em><\/p>\n <\/p>\n Edit the Pure-FTPD config<\/em><\/p>\n Uncomment and change TLS to 2 to allow only TLS connections<\/em><\/p>\n Uncomment the PureDB line to allow it to use our user<\/em><\/p>\n Change and set MinUID to the lowest UID from the “id staging and id nginx” command above, nginx will usually have the lower UID, but it depends on the users you’re going to use<\/em><\/p>\n <\/p>\n Restart PureFTPd<\/em><\/p>\n <\/p>\n Connect using FTPS using SSL dependant on your client on port 21 as usual<\/em><\/p>\n","protected":false},"excerpt":{"rendered":" I recently had to set up FTPS for a client as SFTP wasn’t an option. The benefit of FTPS with Pure-FTPD is the ability to save files as another user when uploading files. Here’s how to do it: Give ourselves root privileges sudo -i For Debian\/Ubuntu: Update our aptitude cache apt-get update Install […]<\/p>\n","protected":false},"author":2,"featured_media":3669,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false},"categories":[23,41],"tags":[],"yoast_head":"\nsudo -i<\/pre>\n
apt-get update<\/pre>\n
apt-get install openssl pure-ftpd<\/pre>\n
yum update<\/pre>\n
yum install openssl pure-ftpd<\/pre>\n
adduser staging -d /var/www/wordpress -g nginx<\/pre>\n
passwd staging<\/pre>\n
id staging<\/pre>\n
id nginx<\/pre>\n
pure-pw useradd staging -d /var/www/wordpress -u nginx<\/pre>\n
pure-pw mkdb<\/pre>\n
mkdir -p /etc/ssl/private/<\/pre>\n
openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem<\/pre>\n
chmod 600 /etc/ssl/private/pure-ftpd.pem<\/pre>\n
vi /etc/pure-ftpd/pure-ftpd.conf<\/pre>\n
TLS 2<\/pre>\n
PureDB /etc/pure-ftpd/pureftpd.pdb<\/pre>\n
MinUID 48<\/pre>\n
/etc/init.d/pure-ftpd restart<\/pre>\n