how to force accept only ssl connections in vsftpd? [closed]
https://stackoverflow.com/questions/11523904
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I did install and configure vsftpd with ssl using openssl.
But I want to accept only ssl connections, or, in other words, deny non-ssl connections.
Solution
If you set "force_local_logins_ssl=YES" then your clients will be required to use an FTP client that supports AUTH TLS/SSL in order to connect. If you leave it at "NO" then people can connect securely or insecurely.
All you need to do is change that setting in /etc/vsftpd.conf or in /etc/vsftp/vsftpd.conf; depending on your distro, the .conf file should be on of those 2 places. Then all you should need to do is restart vsftpd daemon as so:
vsftpd restart
EDIT
You may also need to set ssl_enable=YES for this to take effect (as pointed out by Tegran in the comments)
OTHER TIPS
You need to set the following option in /etc/vsftpd.conf and restart the server:
ssl_enable=YES
Setting force_local_logins_ssl=YES is also required but it's actually the default as long as you have SSL enabled.
Beware, if you just set force_local_logins_ssl=YES without ssl_enable=YES then you will not be preventing people from logging on without an encrypted connection.
