安装vsftpd
yum install vsftpd
service vsftpd start
1.建立ca服务器并为vsftpd颁发证书
cd /etc/pki/CA
(umask 077; openssl genrsa 2048 >private/cakey.pem)---生成ca私钥文件
vim /etc/pki/tls/openssl.conf
dir=/etc/pki/CA
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = CN(此处修改为CN)
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Henan(修改为Henan)
localityName = Locality Name (eg, city)
localityName_default = Zhengzhou(修改为Zhengzhou)
0.organizationName = Organization Name (eg, company)
0.organizationName_default = ilinux(组织)
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = TECH(部门)
openssl req -new -x509 -key private/cakey.pem -out cacert.pem----生成自签证书
mkdir certs newcerts crl
touch index.txt serial
echo 01>serial
cd /etc/vsftpd
mkdir ssl
cd ssl
(umask 077; openssl genrsa 2048>vsftpd.key)---生成vsftpd的私钥文件
openssl req -new -key vsftpd.key -out vsftpd.csr---生成证书颁发请求
openssl ca -in vsftpd.csr -out vsftpd.crt ---ca服务器为vsftpd颁发证书
2.修改vsftpd的配置文件
vim /ssl_enable=yes(添加如下内容)
ssl_tlsv1=yes
ssl_sslv2=yes
ssl_sslv3=yes
allow_anon_ssl=no
force_local_data_ssl=yes
force_local_logins_ssl=yes
rsa_cert_file=/etc/vsftpd/ssl/vsftpd.crt
rsa_private_key_file=/etc/vsftpd/ssl/vsftpd.key
:wq
service vsftpd restart
下面就可以在IE里使用ftps://192.168.0.6(假设是vsftpd的服务器ip)来访问ftp了
阅读(2574) | 评论(0) | 转发(0) |
