This is a quick ‘n’ dirty version of an excellent post on http://ubuntuforums.org/showthread.php?t=518293 by epimeteo which describes the in-depth configuration options of VSFTPD, so if you’re an advanced user you should probably go and read it.
However, if all you want is a quick FTPS server and don’t particularly care about user restrictions, IP or connection restrictions this is the post for you…
Install VSFTPD
apt-get install vsftpd
Edit the config file
nano -w /etc/vsftpd.conf
Within the config file make the settings read as follows (uncomment as appropriate)
anonymous_enable=NO local_enable=YES write_enable=YES
Add some new settings at the bottom to enforce the SFTP part
ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=YES
Save it and then start the VSFTPD server
service vsftpd start
That’s all there is to it – you should now be able to login to your server using SFTP!
Is it really SFTP or you mean FTPS? Because all what i’ve read make me think it’s FTPS.
Thanks for the info
Hi Christian,
I’m no expert but I think it is SFTP as the connection between client and server is done over SSH File Transfer Protocol rather than plain old port 21. I suspect you are thinking of FTPS with SSL (http://www.jscape.com/blog/bid/75602/Understanding-Key-Differences-Between-FTP-FTPS-and-SFTP)
Thanks,
Phil
The ports are not my point. And the link you have provided just show what i say perfectly. Read this part: “SFTP is often confused with FTPS and vice-versa even through these protocols share nothing in common except their ability to securely transfer files. SFTP is actually based on the SSH (Secure Shell)…”
Your article talk about SSL all the time. So it’s FTPS.
I disagree – all traffic happens via SSH on port 22 so (IMHO) its SFTP.
Sorry to disappoint you Phil, but this is FTPS / FTPES and not SFTP. SFTP uses the OpenSSH server (or equivalent SSH server) and SCP like behaviour whilst what you’ve described uses FTP over TLS via the Vstpd server and OpenSSL. In addition, enabling SSL v2 and SSL v3 is discouraged because of their weaknesses and should only be used for legacy purposes.
Thanks for the explanation Owen – that really helps. I have updated the article to reflect your points.