Setting Up a FTP server with SSL
(Click here to view the original thread with full colors/images)Posted by: fatcat69
I have had lots of people ask me how to do this, and since it took me about 5 hours to figure it out when I was setting up my server way back when, I feel that this will make it a lot easier for newbies. (This way I dont have to keep explaining it!)
Note this is just a general, basic, and easy setup. I recommend you look around and try each server software until you like it. With these instructions, you should be able to easy set up SSL on any ftp server platform.
Some of my settings might not be perfect for your setup, however this will work if you set it up this way. It has been sent out to complete noobs with computers and they were able to set it up easily and get it working...so don't pm me going it doesnt work, because you must have done something wrong. Re-read the instructions and set it up.
I personally have used numerous software solutions, yet a free and easy solution is filezilla.
Sever Setup
1. Download Filezilla server software on your server. Click Here. (http://filezilla-project.org/download.php?type=server)
2. Install with default settings.
3. We will be restricting which IP's can access the server's ftp. Click Edit, Settings, General Settings, IP filter.
The top box is where you can block IP's from accessing the FTP, the easiest method is to build your range and have you ip be excluded, rather then build a custom range around your ip.
http://img211.imageshack.us/img211/9906/77983088mp8.jpg
Paste the following into the block list:
*.*.*.*
That will automatically block all IP addresses.
4. Add your ip to the addresses to be excluded from the block, the lower box.
5. Since we are in the general settings, we will tweak a few other things. In the general settings, change the port to 990, Change connection time out to 0, no transfer time out 800, login timeout 60. Those are what I use as the default always messes with some of my friends clients.
http://img163.imageshack.us/img163/5512/64243437pz7.jpg
6. I personally delete the welcome message, its up to you though.
7. Go to SSL/TLS settings, Check the enable box, check allow explicit box, and check force explicit box.
http://img211.imageshack.us/img211/600/66259900tn2.jpg
8. Generate a new certificate by clicking the button. I always select the maximum encryption, 4096byte. All the information can be random, EXCEPT for common name (server address), put the servers ip address there. Select where you want to save it, and generate it.
http://img516.imageshack.us/img516/3982/63096097gj3.jpg
9. Go back to the ssl/tls settings page, for the private key file and certificate file, browse to the certificate you just made. Set a key password. You can finally click ok, as we are done with the server settings.
http://img211.imageshack.us/img211/2686/4apr6.jpg
10. Create a user group: Edit-->groups
11. Click add, make it whatever name you want.
http://img516.imageshack.us/img516/3467/27995553mn9.jpg
12. Check all three boxes there, adjust max. connection to 100 and connection limit to 0
http://img516.imageshack.us/img516/3438/10805848zf1.jpg
13. Click the shared folders tab...click add. Select your group on the right, then the add folder button willl be the main directory that you will see when you log in. I always just have everything downloaded into one folder and just share that one folder as it is easier.
http://img253.imageshack.us/img253/7484/10cv4.jpg
14. Click ok.
15. Now create a user for your group ----Edit---users
16. Add them, make them a part of the user group you made.
17. Then put checks in all 4 boxes on that screen (enable account, password, bypass server, force ssl) Set max connection count and connection limit to 0 and Click ok.
http://img253.imageshack.us/img253/2588/12jb2.jpg
Now that is the server side...next up is client side.
Client Side:
You can use any client that supports SSL, however I highly recommend using a client like Cuteftp as it takes advantage of multipart download, which is very important if speed means anything to you. For mac users, they also have a mac version of their client. Link is provided below to their overview page.
1.Download CuteFTP professional...Click Here for their home page (http://www.cuteftp.com/products/ftp_clients.aspx)
2. After you install it, on startup, it will bring you through the connection wizard. If it doesnt, click the wand with the star under the "file" tab.
3. Host address is your servers ip...click next.
http://img514.imageshack.us/img514/1651/cw1rg0.jpg
4. Put in the username and password you made on the server.
http://img514.imageshack.us/img514/5577/cw2fm6.jpg
5. When you click next, it will try to verify the server, cancel this. As it wont be able to connect due to the ssl not being set up yet.
http://img514.imageshack.us/img514/8913/cw3li8.jpg
Then Click No when it asks to check the username
http://img115.imageshack.us/img115/5954/cw4lv3.jpg
6. Click your home directory, local folder, that you want the client to always open to. DO NOT edit the default remote folder, leave it blank, as your server is set up to direct you perfectly to the folder.
http://img115.imageshack.us/img115/7964/cw5zu4.jpg
7. Click Finish.
8. See the site manager to the left, you should see your server in there, right click on it.
http://img209.imageshack.us/img209/130/sitemanagerkv7.jpg
9. Click Properties.
http://img120.imageshack.us/img120/7802/sitemanagerpropertiesnd6.jpg
10. Go to the "Type" Tab and you are going to be changing the protocol and port. Change the port to 990.
http://img120.imageshack.us/img120/7781/sitepropertiesportvf3.jpg
11. Change the protocol to "FTP with SSL (Auth. SSL --Explicit)" and click connect.
http://img442.imageshack.us/img442/1985/ftpwithsslsu7.jpg
12. The client will now connect to the server.
13. Click on the Tools menu and select global options.
http://img134.imageshack.us/img134/4308/globaloptionslc0.jpg
14. Select connections, and adjust the max transfers to 6. You can go higher, however 6 runs smoothly on most setups. If you are experiencing slow speeds, adjust this up or down and see how it effects transfer rates.
http://img147.imageshack.us/img147/9416/maxconnectionsmk1.jpg
15. Select transfer now and adjust the number of parts to be download at once. The more parts, the faster the download, however as above, it will be specific to your download. I use 6.
http://img129.imageshack.us/img129/2139/multipartrj2.jpg
16. You should be all set now to proceed to the download. Read below for the fastest download method.
Download
1. After you connect to your server, you will see your home directory and be all ready to just download what you want right? Yes, BUT without selecting a specific way to download, you will only be downloading 1 connection at a time. Lets take advantage of multi-part downloads.
2. On the folder you wish to download, right click and select Advanced download-->Multipart Download--->Max
http://img129.imageshack.us/img129/5204/6partsrj0.jpg
3. Thats the trick. Now you will open up multiple connections to the server and decrease the transfer time by 6 times. (if you left the max connections at 6 as above).
Thats pretty much it. This step by step setup should ensure you a flawless transfer on the first try as it has been tested by 3 other people before it was posted.
Enjoy!
;-)
Posted by: markupmaster
Very Nice Bud!
A lot of people will use this I'm sure!
:)
Posted by: juodis
thanks man :) i need this
Posted by: lifehackr
Thank you very much. Easy peasy to follow and use.
Posted by: Vitality
Awesome one.....
Posted by: engum
Is it possible to hide hidden files in this version?
Posted by: DownShift
thx mate superb info..........
Posted by: HypnoToad
Nice work, thank you :-)
Posted by: tenis69
I think this may help many members here in FST. Thanks a lot my friend you are great member here.
Posted by: Kapone
You know this helped make my life easier bud. Thanks once again.. Nice tutorial.
Posted by: coochiemudlo
Nice guide. Thank you:)
Posted by: fatcat69
oh so i forgot to mention, if you used this guide...im going to need about 1 million via paypal
:-P
Posted by: cocalait
Thank you. I really appreciate it.
I had my ftp set up by me, and it was insecure, unstable and with lousy speeds. I'm going to try it.
Posted by: buggyfresh
Nice tutorial thanks!
Posted by: fatcat69
Thank you. I really appreciate it.
I had my ftp set up by me, and it was insecure, unstable and with lousy speeds. I'm going to try it.
The speeds are from the client end most likely, follow the cuteftp part of the tutorial and you should be fine.
Posted by: wabbitslayer
OK, I'm a doofus.
I have followed the above directions EXACTLY....but I'm having a problem. I keep getting the following messages upon login: (heavily edited to show what I think is relevant?)Everything seems to go OK, it shows connected, and then:
I then get a pop-up window that says:
"The data connection (for transfers and listing) was not established.
Please try switching the data connection type (PASV or PORT) under the Global Options | Connection page and then try again."
I can't find the global options/connection page in CuteFTP?!?
I'm thinking this is a port forwarding problem w/ my local router, but don't understand why it would connect in the first place if it is.
EDIT:
OK, I was right, it was a port forwarding problem, I set the global options w/ my local external ip and forwarded ten ports on my router and...voila!!! (I'll keep the above text up in case someone else has this problem)
Posted by: Actatoi
Thank you fatcat for this, helped me :)
Posted by: RedHot
WoW 10x a lot.
Posted by: Disme
Seems to be a very nice tut. I certainly would want to try this for myself but I have one problem ... I have a dynamic IP. How do I have use DynDNS or something like that to make sure I can connect to my FTP when my IP has changed?
Thx for the tut.
Posted by: petethemanc
Nice tut, everything seemed to be going ok, until i tried connecting to the server. Then i got this error message.
http://i32.tinypic.com/xqmg08.jpg
Also this error in filZilla server
http://i25.tinypic.com/16i8i6r.jpg
Posted by: Aliyans
hi
thanx fatcat ..i have some problem at the moment while connecting to server ..will try ur guide..
Posted by: Aliyans
hi
How do u install filezillaserver on debian/ubuntu...i think this guide is for windows server right...i dont think...it can be installed like that on linux..if u know can u post some commands to install it from terminal or xterm please..
Posted by: sch0k
Just what I was looking for.
Thanks
Posted by: ehsanotaku
very nice indeed ,, You helped my younger brother with Cute Ftp N00bian illustrated tut mate p!
Posted by: Tsvetanov
Thanks for the great tutorial, verry useful!!
Posted by: ripleys
Thanks for great tutorial, made setting up much easier.
Posted by: cabang
hey thanks, i always wanted to share files with my fiends.
this made is easier. thank you.
Posted by: waeldiab
hi bro please i need your help
what is that
http://i260.photobucket.com/albums/ii38/WAELDIAB_2007/2008-06-27_072626.png (http://i260.photobucket.com/albums/ii38/WAELDIAB_2007/2008-06-27_072626.png)
Posted by: Krvaric
thanks m8
nice tutorial
and very useful.
Posted by: kid16k
Sry, pls delete this post (wrong thread) ;-)
However: nice tutorial!
Posted by: Krvaric
nice work fatcat69
yo have done a great job if I may say so :happy:
Posted by: huzhichao
thanks you
Posted by: Am0MuK
Good FAQ thanks
Posted by: mdtczar
nice tutorial, gonna try this on my dedi server
Posted by: moitapchoi
great tutorial thank you.
Posted by: bammers
very good guide!! :)
Posted by: t0mmy
when i try to connect to my ftp, it just times out
The connection failed due to an error or timeout.
1) Please verify that the destination host name or IP address is correct.
2) Increase the connection timeout threshold under Global Settings | Connection.
3) Switch to the opposite data connection type (PASV or PORT) under Site Settings | Type tab.
Posted by: jbloggs
Great guide. Thanks very much, it was very educating.
Posted by: Wladdy
thanks man good job...:D
Posted by: teresckova
nice info...thanks