have created an FTP Account, can connect from WinSCP. Like to secure this. Found a post from Tim to better use FTPS instead of SFTP or or SCP, but do not found who to install or activate it. Second, im not really a friend of accessing server with a password, more liking to use a public / private key. Is that possible for ISPConfig 3 Admin Console and FTP Access. And if yes, who to do. Didn't find this in the manual Thaks for any help
The steps required to enable TLS in pure-ftpd are detailed in the Perfect Server tutorials. Look there for specific instructions. EDIT: Because I'm a nice guy, I'll do your homework for you: Code: # echo 1 > /etc/pure-ftpd/conf/TLS NOTE: 1 = TLS is optional. 2 = TLS is required, but clear data connections are accepted. 3 = TLS is required, and clear data connections are refused. Code: # mkdir -p /etc/ssl/private/ Code: # openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem Code: # chmod 600 /etc/ssl/private/pure-ftpd.pem Code: # service pure-ftpd-mysql restart You will also want to ensure that your pure-ftpd implementation is not vulnerable to the POODLE attack against SSLv3. To do so, follow the appropriate instructions at https://www.howtoforge.com/how-to-secure-your-ispconfig-3-server-against-the-poodle-ssl-attack . Regarding your second question, are you asking whether or not it is possible to access the ISPConfig interface (the one that listens for HTTP(S) requests on port 8080, by default) using a public/private key-pair?
