How to Connect Over FTPS on Ubuntu?

Connecting Over FTPS In Ubuntu

In this tutorial, we’ll learn how to connect over FTPS on Ubuntu one of the flavours of Linux systems. FTPS is an abbreviation of multiple terms – “FTP over TLS”, “FTP Secure”, “FTP+SSL” in Ubuntu. Despite its reputation for robust security measures,  VSFTPD, while known for its strong security features, can be considered unsecure as it originally used the FTP protocol, which sends data in plain text, making it vulnerable to eavesdropping attacks.

Contemporary options like SFTP (SSH File Transfer Protocol) and FTP over TLS (Transport Layer Security) have risen in popularity, as they provide comprehensive encryption for data being transferred. These updated protocols mandate a certificate to set up a secure link, guaranteeing that data in transit stays undecipherable to any likely eavesdroppers. This makes them a safer choice for current data transfer requirements.

Installing FileZilla and connecting over FTPS (GUI)

The most popular FTP client is FileZilla, not only FTP, but it also supports FTPS, FTPES, SFTP. It is a free cross-platform software, easy to use and install.

Since we are planning to access and use FTPS server over your network, think of OpenSSL as your trusty sidekick. It’s a dynamic toolkit adept at managing the intricacies of Transport Layer Security and Secure Sockets Layer protocols. So, no matter what package or application be it FileZilla, lftp, or a desire to select a custom script, OpenSSL safeguards ensuring our data communication remains encrypted and secure.

You can easily install it by using the apt command:

sudo apt install filezilla
Installing FileZilla Using Terminal FTPS on Ubuntu
Installing FileZilla using Terminal

Now you easily search for FileZilla in your Applications,

Searching For FileZilla In Activities FTPS on Ubuntu
Searching for FileZilla in Activities

Click to open it.

FileZilla has a very easy to use interface, to connect over FTPS, make sure you add ftps:// followed by the hostname (e.g. ftps://ftps.example.com).

Generally by default the FTPS port is 990, but incase it’s different you need to mention it with other credentials.

FileZilla Interface 2 FTPS on Ubuntu
FileZilla Interface 2

Connecting over FTPS on Ubuntu using lftp (Terminal)

The ftp package which comes pre-installed with Ubuntu Server, does not support FTPS. So we will use lftp to connect over FTPS in Ubuntu.

lftp is a sophisticated file transfer program which not only supports FTPS but also FTP, HTTP, HTTPS, HFTP, FISH, SFTP and file. You can read more about lftp by executing the following command to open up it man page:

man lftp

1. Installing lftp on Ubuntu

We’ll make use of apt command with sudo command to install lftp, as stated below:

sudo apt install lftp
Installing Lftp 1
Installing lftp

2. Connecting and performing basic commands with lftp on FTPS

To connect to any FTPS server simply run:

lftp -u myuser ftps://ftps.example.com
Ftps Login FTPS on Ubuntu
Connecting over FTPS

To understand the basic functionality, we’ll list remote files then change active directory, then we’ll transfer a file from the local machine and rename it, then we’ll create a new directory and in the end we’ll download the file to the local machine and delete the file.

To get list of the remote files, enter ls command in lftp‘s interactive shell:

Listing Remote Files 1
Listing remote files

We can see a directory named remotedir. Next, we’ll change the active remote directory with cd:

cd remotedir
Changing Remote Directories 1
Changing active remote directory

Now we’ll transfer a local file to the remote server with put command:

put test.txt

This command will transfer your local test.txt file from your current active local directory to the current active remote directory as test.txt.

Transferring Files From Local Machine To Remote Server Using Put Command 1
Transferring files from local machine to remote server using put command

Now to rename any file in remote directory, we can make use of mv command:

mv test.txt newtest.txt

This will rename test.txt to newtest.txt,

Renaming Remote File 1
Renaming remote file

Now we’ll create a new remote directory with the mkdir command:

mkdir newdir

This command will create a new remote directory called newdir.

New Remote Directory
New Remote Directory

Now to download the file from the remote server, we’ll use the get command:

Downloading The File In The Active Directory From The Remote Server
Downloading the file from the active remote directory on the local machine

This will download the newtest.txt file in remotedir on the remote server to the active directory on the local machine. Now to delete a remote file, we’ll use the rm command:

rm newtest.txt

This will remove a file named newtest.txt in the active remote directory,

Deleting A Remote File
Deleting a remote file

And, similarly to remove a remote directory, we’ll use rmdir command:

rmdir newdir

This will remove a remote directory called newdir in the active remote directory.

Now that we have gone over how to install and run lftp command in the terminal, how to create a connection to secure ftp server, as well as perform various commands such as listing remote files with “ls”, changing directories with “cd”, transferring files with “put”, renaming files with “mv”, creating directories with “mkdir”, downloading files with “get”, deleting files with “rm”, and removing directories with “rmdir”. Let us go over other ways to connect over ftps.

Various methods to connect over FTPS

Use lftp with Script and Bookmark

These long command line could be tedious to some people we can get this automated using scripts and saving them as a bookmark.

$ cat lftp.ssl.commands
user moo foopass
set ftps:initial-prot "";
set ftp:ssl-force true;
set ftp:ssl-protect-data true;
open ftps://HOSTNAME:990

To make use of this script all we need to do is to save this code in a file. Then just run the lftp command without any arguments.

Now we source the script then save the bookmark. Delete the script to get rid of the clear-text password. In the future, we can use the bookmark to connect.

Here’s a sample output,

$ lftp lftp :~> source lftp.ssl.commands

lftp HOSTNAME:~> dir

`ls' at 0 [Connecting...]

Using a Bash Script for Connection

Another method involves writing a bash script. This allows a series of commands to be executed in sequence.

#!/bin/bash
lftp <<SCRIPT
set ftps:initial-prot "";
set ftp:ssl-force true;
set ftp:ssl-protect-data true;
open ftps://<hostname>:990;
user <user> <password>;
lcd /tmp;
cd <ftp_folder_hierarchy>;
put foo.txt;
exit;
SCRIPT

This script won’t make any permanent changes to your lftp configuration files.

Ensuring SSL Settings Before Opening a Connection

In some cases, SSL settings should be set before the open command. Here’s an example:

lftp -c 'set ftp:ssl-allow true ; set ssl:verify-certificate no; open -u USERNAME,PASSWORD -e "cd /; mput LOCAL/PATH/TO/FILE/FILENAME.EXT; quit" HOST'

Using a Custom lftp Configuration

Creating a custom .lftprc file can help maintain a persistent set of configurations. Here is how to create a .lftprc file:

  1. Create a file named .lftprc with vi .lftprc
  2. Add the following content:
set ftp:ssl-auth TLS
set ftp:ssl-force true
set ftp:ssl-protect-list yes
set ftp:ssl-protect-data yes
set ftp:ssl-protect-fxp yes
set ssl:verify-certificate no
  1. Connect to the server with lftp username@hostname

Using ftp-ssl for Automatic SSL or TLS

ftp-ssl is a command that tries to connect via SSL or TLS authentication and encryption by default. If a secure connection is not available, it falls back to a standard FTP connection.

ftp-ssl <Server IP address or Server Name>

For example, ftp-ssl 192.168.35.100 or ftp-ssl something.local.

Conclusion

In this tutorial, we’ve taken a journey through the nuts and bolts of setting up a secure FTPS connection on an Ubuntu system which is linux based. We kicked things off by dipping our toes into the world of FTPS protocol, understanding why it’s such a step up from the traditional FTP.

After getting a handle on the basics, we plunged into the practical side of things. We explored how to use FileZilla, a user-friendly graphical client, to connect over FTPS. And for those who prefer the command-line, we didn’t leave you out! We also covered how to use the command-line client ‘lftp’ for the same purpose.

We walked through how to get these tools up and running on your machine, how to make that initial connection to a server, and the basics of executing commands. Plus, we gave you some insider tips on automating this process with the help of scripts and bookmarks.

And that’s not all! We dived into alternate strategies too. We touched on the use of a bash script, creating a custom lftp configuration, and even the ‘ftp-ssl’ command for automated SSL or TLS.

One thing to keep in mind though – while FTPS provides that much-needed security blanket, it’s essential to make sure that the systems and data you’re working with are locked up tight. This means adopting the best practices of data security and privacy.