Vsftpd + SSL on CentOS 5
Sweet and simple. Should be OK on CentOS 4 too, I’d imagine.
The following forces SSL for FTP logins; with force_local_data_ssl=NO, data connections are not required to use SSL. Passive connections will be required as well.
1 – Add the following to your vsftpd.conf file:
pasv_address=192.168.1.1
pasv_min_port=40000
pasv_max_port=40100
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=NO
ssl_sslv2=NO
ssl_sslv3=YES
rsa_cert_file=/etc/ssl/your_cert.pem
Restart vsftpd: service vsftpd restart
2 – If you have iptables set up on your box, add the following to your /etc/sysconfig/iptables:
-A RH-Firewall-1-INPUT -m state --state NEW -p TCP --dport 40000:40100 -j ACCEPT
Restart iptables: service iptables restart
That should be it.
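A quick audit of the two steps above, as an added example that is not part of the original post: it flags the protocol and encryption settings in vsftpd.conf that deserve a second look (SSLv3 accepted, TLSv1 refused, data connections not forced to SSL) and checks that the iptables rule opens the configured passive range. The function names and the hardened variant used in demo are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# conf_get FILE KEY: print the last value assigned to KEY, or nothing if absent.
conf_get() { sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r'; }

# audit_vsftpd CONF RULES: print one finding per line, return 1 if any.
# Absent keys are left to vsftpd's defaults and not flagged, except
# ssl_enable, which has to be set to YES explicitly.
audit_vsftpd() {
    conf=$1; rules=$2; findings=0
    flag() { echo "$1"; findings=$((findings + 1)); }
    is() { [ "$(conf_get "$conf" "$1")" = "$2" ]; }

    is ssl_enable YES || flag "ssl_enable is not YES: SSL/TLS is off"
    is ssl_sslv2 YES && flag "ssl_sslv2=YES: obsolete SSLv2 is accepted"
    is ssl_sslv3 YES && flag "ssl_sslv3=YES: obsolete SSLv3 is accepted"
    is ssl_tlsv1 NO && flag "ssl_tlsv1=NO: TLSv1 is refused"
    is force_local_logins_ssl NO && flag "force_local_logins_ssl=NO: logins may be cleartext"
    is force_local_data_ssl NO && flag "force_local_data_ssl=NO: data may be cleartext"

    # The firewall has to open the passive range vsftpd hands out
    # (exact-match check against an uncommented -A rule).
    range="$(conf_get "$conf" pasv_min_port):$(conf_get "$conf" pasv_max_port)"
    grep -q -e "^-A .*--dport $range .*-j ACCEPT" "$rules" ||
        flag "no iptables ACCEPT rule for passive range $range"

    [ "$findings" -eq 0 ]
}

# demo: audit the settings from step 1, then a variant with TLSv1 on, SSLv3
# off and data encryption forced (the variant is this example's assumption).
demo() {
    d=$(mktemp -d)
    printf '%s\n' pasv_min_port=40000 pasv_max_port=40100 ssl_enable=YES \
        allow_anon_ssl=NO force_local_data_ssl=NO force_local_logins_ssl=YES \
        ssl_tlsv1=NO ssl_sslv2=NO ssl_sslv3=YES > "$d/posted.conf"
    sed -e 's/^ssl_tlsv1=NO/ssl_tlsv1=YES/' -e 's/^ssl_sslv3=YES/ssl_sslv3=NO/' \
        -e 's/^force_local_data_ssl=NO/force_local_data_ssl=YES/' \
        "$d/posted.conf" > "$d/hardened.conf"
    echo '-A RH-Firewall-1-INPUT -m state --state NEW -p TCP --dport 40000:40100 -j ACCEPT' > "$d/rules"
    echo "== as posted =="
    audit_vsftpd "$d/posted.conf" "$d/rules" || echo "($findings findings)"
    echo "== hardened =="
    audit_vsftpd "$d/hardened.conf" "$d/rules" && echo "no findings"
    rm -rf "$d"
}
demo
```

To check a live system, call audit_vsftpd with the paths to your own vsftpd.conf and /etc/sysconfig/iptables instead of running demo.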