{"id":3678,"date":"2016-01-06T08:32:32","date_gmt":"2016-01-06T08:32:32","guid":{"rendered":"https:\/\/blog.ed.gs\/?p=3678"},"modified":"2016-01-06T08:32:32","modified_gmt":"2016-01-06T08:32:32","slug":"pure-ftpd-with-ftps-over-tls","status":"publish","type":"post","link":"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/","title":{"rendered":"Pure-FTPD With FTPS Over TLS"},"content":{"rendered":"

I recently had to set up FTPS for a client as SFTP wasn’t an option. The benefit of FTPS with Pure-FTPD is the ability to save files as another user when uploading files. Here’s how to do it:<\/p>\n

 <\/p>\n

Give ourselves root privileges<\/em><\/p>\n

sudo -i<\/pre>\n
 <\/p>\n
For Debian\/Ubuntu:<\/strong><\/p>\n
Update our aptitude cache<\/em><\/p>\n
apt-get update<\/pre>\n
Install openssl and Pure-FTPD<\/em><\/p>\n
apt-get install openssl pure-ftpd<\/pre>\n
 <\/p>\n
For Centos\/Fedora\/Redhat<\/strong><\/p>\n
Update our yum cache<\/em><\/p>\n
yum update<\/pre>\n
Install openssl and Pure-FTPD<\/em><\/p>\n
yum install openssl pure-ftpd<\/pre>\n
 <\/p>\n
 <\/p>\n
Add a new user for which we want to use to log in, set their home directory that they’ll see when they log in and set their primary group as the owner of the files in that directory<\/em><\/p>\n
adduser staging -d /var/www/wordpress -g nginx<\/pre>\n
Set a password for the new user, remember this as we’ll need to set it later to<\/em><\/p>\n
passwd staging<\/pre>\n
The next two commands are important as they’ll display the users UID, which we need later on; make a note of both users’ UID<\/em><\/p>\n
id staging<\/pre>\n
id nginx<\/pre>\n
 <\/p>\n
Create the Pure-FTPD user database and set the details to the same as the adduser stage above, use the same password as the previous user creation also<\/p>\n
pure-pw useradd staging -d /var/www/wordpress -u nginx<\/pre>\n
pure-pw mkdb<\/pre>\n
 <\/p>\n
Make a new directory and create an SSL certificate, enter details as you wish when creating the SSL certificate, set Common Name to your servers hostname<\/em><\/p>\n
mkdir -p /etc/ssl/private/<\/pre>\n
openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem<\/pre>\n
Make the certificate readable be root only<\/em><\/p>\n
chmod 600 /etc/ssl/private/pure-ftpd.pem<\/pre>\n
 <\/p>\n
Edit the Pure-FTPD config<\/em><\/p>\n
vi /etc/pure-ftpd/pure-ftpd.conf<\/pre>\n
Uncomment and change TLS to 2 to allow only TLS connections<\/em><\/p>\n
TLS 2<\/pre>\n
Uncomment the PureDB line to allow it to use our user<\/em><\/p>\n
PureDB /etc/pure-ftpd/pureftpd.pdb<\/pre>\n
Change and set MinUID to the lowest UID from the “id staging and id nginx” command above, nginx will usually have the lower UID, but it depends on the users you’re going to use<\/em><\/p>\n
MinUID 48<\/pre>\n
 <\/p>\n
Restart PureFTPd<\/em><\/p>\n
/etc/init.d/pure-ftpd restart<\/pre>\n
 <\/p>\n
Connect using FTPS using SSL dependant on your client on port 21 as usual<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"
I recently had to set up FTPS for a client as SFTP wasn’t an option. The benefit of FTPS with Pure-FTPD is the ability to save files as another user when uploading files. Here’s how to do it:   Give ourselves root privileges sudo -i   For Debian\/Ubuntu: Update our aptitude cache apt-get update Install […]<\/p>\n","protected":false},"author":2,"featured_media":3669,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false},"categories":[23,41],"tags":[],"yoast_head":"\nPure-FTPD With FTPS Over TLS - E<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pure-FTPD With FTPS Over TLS - E\" \/>\n<meta property=\"og:description\" content=\"I recently had to set up FTPS for a client as SFTP wasn’t an option. The benefit of FTPS with Pure-FTPD is the ability to save files as another user when uploading files. Here’s how to do it:   Give ourselves root privileges sudo -i   For Debian\/Ubuntu: Update our aptitude cache apt-get update Install […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/\" \/>\n<meta property=\"og:site_name\" content=\"E\" \/>\n<meta property=\"article:published_time\" content=\"2016-01-06T08:32:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/static.ed.gs\/wp-content\/uploads\/2016\/01\/259H.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1365\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ed\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ed\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/\",\"url\":\"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/\",\"name\":\"Pure-FTPD With FTPS Over TLS - E\",\"isPartOf\":{\"@id\":\"https:\/\/ed.gs\/#website\"},\"datePublished\":\"2016-01-06T08:32:32+00:00\",\"dateModified\":\"2016-01-06T08:32:32+00:00\",\"author\":{\"@id\":\"https:\/\/ed.gs\/#\/schema\/person\/d775615f2296ad0129fa3ea66346c628\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ed.gs\/#website\",\"url\":\"https:\/\/ed.gs\/\",\"name\":\"E\",\"description\":\"automation, consultancy, project management, web\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ed.gs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/ed.gs\/#\/schema\/person\/d775615f2296ad0129fa3ea66346c628\",\"name\":\"Ed\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/ed.gs\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4fe1dfaed09e6bdceb557d3008f5cc47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4fe1dfaed09e6bdceb557d3008f5cc47?s=96&d=mm&r=g\",\"caption\":\"Ed\"},\"url\":\"https:\/\/ed.gs\/author\/ed\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pure-FTPD With FTPS Over TLS - E","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/","og_locale":"en_GB","og_type":"article","og_title":"Pure-FTPD With FTPS Over TLS - E","og_description":"I recently had to set up FTPS for a client as SFTP wasn’t an option. The benefit of FTPS with Pure-FTPD is the ability to save files as another user when uploading files. Here’s how to do it:   Give ourselves root privileges sudo -i   For Debian\/Ubuntu: Update our aptitude cache apt-get update Install […]","og_url":"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/","og_site_name":"E","article_published_time":"2016-01-06T08:32:32+00:00","og_image":[{"width":2048,"height":1365,"url":"https:\/\/static.ed.gs\/wp-content\/uploads\/2016\/01\/259H.jpg","type":"image\/jpeg"}],"author":"Ed","twitter_misc":{"Written by":"Ed","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/","url":"https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/","name":"Pure-FTPD With FTPS Over TLS - E","isPartOf":{"@id":"https:\/\/ed.gs\/#website"},"datePublished":"2016-01-06T08:32:32+00:00","dateModified":"2016-01-06T08:32:32+00:00","author":{"@id":"https:\/\/ed.gs\/#\/schema\/person\/d775615f2296ad0129fa3ea66346c628"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ed.gs\/2016\/01\/06\/pure-ftpd-with-ftps-over-tls\/"]}]},{"@type":"WebSite","@id":"https:\/\/ed.gs\/#website","url":"https:\/\/ed.gs\/","name":"E","description":"automation, consultancy, project management, web","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ed.gs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/ed.gs\/#\/schema\/person\/d775615f2296ad0129fa3ea66346c628","name":"Ed","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/ed.gs\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4fe1dfaed09e6bdceb557d3008f5cc47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4fe1dfaed09e6bdceb557d3008f5cc47?s=96&d=mm&r=g","caption":"Ed"},"url":"https:\/\/ed.gs\/author\/ed\/"}]}},"_links":{"self":[{"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/posts\/3678"}],"collection":[{"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/comments?post=3678"}],"version-history":[{"count":0,"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/posts\/3678\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/media\/3669"}],"wp:attachment":[{"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/media?parent=3678"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/categories?post=3678"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ed.gs\/wp-json\/wp\/v2\/tags?post=3678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}