I’m using CentOS release 6.4 on a VPS.
Its runs proftp with xinetdI’ve found configuration files at
/etc/proftpd.conf
/etc/xinetd.conf
/etc/xinetd.d/ftp_psaI want to disable plain FTP, but need to keep FTPS.
So a ftp client tries to start a connection via plain FTP it shouldn’t be allowed.How to make this happen?
Answer
There is this parameter: TLSRequired for mod_tls
in Proftpd.
Synopsis
TLSRequired [ on | off | ctrl | data | auth | auth+data]
If you set it to on
then all ftp users will be forced to use TLS for both control and data channels. There are other options available also to activate it only for control channel, that is for username/password transfer.
It should be added to the mod_tls
config:
<IfModule mod_tls.c>
...
TLSRequired on
...
...
</IfModule>
There are possible issues that when you enable tls for both channels some client software will fail to list directories after logins and hang. May be in such a case, it is good enough to active tls only for auth channel.
Please read the Q&A sections here for more info: http://www.proftpd.org/docs/howto/TLS.html.
Attribution
Source : Link , Question Author : inckka , Answer Author : Diamond