ProFTPD, a highly configurable FTPS server that keeps every file transfer encrypted, chrooted per user, with no known default login.
ProFTPD is a highly configurable, widely deployed FTP server for Unix and Linux. This image runs it in an FTPS first posture: explicit TLS is required on both the control and data channels, so credentials and file contents are always encrypted in transit and a plaintext login is refused. Every user is chrooted to its own home directory, anonymous access is refused, and the server is driven entirely by a readable configuration tree that you can extend with virtual users, quotas, bandwidth controls and LDAP or SQL backends.
The cloudimg image is hardened and fully patched with ProFTPD preconfigured to accept secure FTPS transfers out of the box. There is no known bootstrap credential: on first boot a unique FTP user, a strong random password and a unique self signed TLS certificate are generated for that specific instance and written to a root owned file, so no default login ships and no two instances share one. Every instance is backed by a paired deploy guide and 24/7 cloudimg support.