This tutorial demonstrates how to install vsftp on CentOS/Redhat and configure it to allow connections over TLS for additional security. We’ll also chroot the users to their own directory.
Install vsftp:
yum install vsftp
Edit the config file “/etc/vsftpd/vsftpd.conf” and set the following:
rsa_cert_file=/etc/vsftpd/vsftpd.pem rsa_private_key_file=/etc/vsftpd/vsftpd.pem chroot_local_user=YES anonymous_enable=NO ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO require_ssl_reuse=NO ssl_ciphers=HIGH
Create the certificates:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem
If you’re using SELinux (you should be), enable home sharing via FTP:
setsebool -P ftp_home_dir 1
Finally we enable and restart vsftpd:
chkconfig vsftpd on service vsftpd restart
Make sure to permit port 21 through your firewall(s).
Another good tutorial on this is: https://www.digitalocean.com/community/tutorials/how-to-configure-vsftpd-to-use-ssl-tls-on-a-centos-vps