Link to home
Start Free TrialLog in
Avatar of OmniUnlimited
OmniUnlimitedFlag for United States of America

asked on

How Do You Set Up FTP?

Hello Experts!

Can anyone explain to me how you can set up an FTP connection to a random directory on a server (or if this is even possible, or if it is restricted to only particular directories?)

I am running Apache 2.2.4 on a Linux system under a Centos release 6.5.
Avatar of Steven Vona
Steven Vona
Flag of United States of America image

apache is a web server, it does not handle FTP connections.

You can use VSFTP.

https://www.digitalocean.com/community/articles/how-to-set-up-vsftpd-on-centos-6--2
SOLUTION
Avatar of Arpit Bajpai
Arpit Bajpai
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of OmniUnlimited

ASKER

Hello Experts!

Thanks for your input.  So I guess what both of you are saying is that I need a third-party program to do ftp.  Does anybody know what the ftp binary does in my /usr/bin/ directory?
Do you want to run the ftp server on your computer so that others can connect to it and send you files or pull files from you?

Or are you trying to connect to somebody else's ftp server so you can send them files or pull files from them?

/usr/bin/ftp is a ftp client program.  It is used for you to connect to a ftp server running on another computer to send files or get files from that ftp server.
Well, the server is mine, and I am trying to set it up so a friend can send or get files from it.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Does anybody know what the ftp binary does in my /usr/bin/ directory? 

Open in new window


The binary in /usr/bin is a ftp client.

From what you are describing, you may want to setup a anonymous ftp server.
I would not suggest setting up an anonymous ftp server, too much of a security risk.

@OmniUnlimited is this for your home?  If so do you have a static IP address?  If you don't have a static IP address it may be difficult to do as your friend will need to know your IP address.  You might have to subscribe to a dynamic DNS service if your router supports it.
SFTP sounds good.  How do I go about setting it up?

@giltjr: The server does have a static IP address.
If you are running Linux, then more than likely it is already there.  Most Linux distributions automatically setup sftp.

If you normal logon to your Linux box from a locally attached monitor/keyboard try issuing the command:

sftp userid@localhost

where userid is your userid.  When promoted for a password use your normal password.  If that works:

1) Setup a user-id and password for your friend.
2) If you have the firewall setup and running on your CentOS, make sure it is setup to allow TCP port 22 (a.k.a ssh)
3) Configure your router to forward port 22 to your Linux box.
4) Have your friend get a sftp client, give him your static IP address

He now does

ssh userid@x.x.x.x

where userid is the userid you setup for him and he enters the password you setup for him.

He can then do the most important function "ftp" functions:

ls
cd
put
get
@giltjr:  I'm sorry, but I'm getting a little confused.  You seem to be using the terms SFTP, FTP, and SSH almost synonymously.  This is what I want:

Let's say my friend has an FTP Client like Dreamweaver or Filezilla.  The only thing I want my friend to be able to do is to connect to my server using that client.  I don't want him executing server commands like ls, cd, put, etc, and I want him limited to only the directory I give to him.  How do I set this up?

I don't know what you mean by the term "Linux box", and I connect to my server from a remote station.
sftp = "ftp" like functions provided by ssh.  You have  to install ssh to do sftp.

--> "... connection to a random directory ..."

Implies that the user is NOT fixed to a single directory, but can change directories.

--> "I am running Apache 2.2.4 on a Linux system under a Centos release 6.5. "

Are you wanting him to ftp to the above system?  If so that is the "linux box" I am talking about.  If you server is not  the linux system above, what OS is it running?

--> " FTP Client like Dreamweaver or Filezilla"

Both support using sftp. In Filezilla you select the protocol "sftp".  I have never used Dreamweaver, but I know it supports it.
"... connection to a random directory ..."

I'm sorry, I meant connect to a directory I choose at random for my friend, not that he would have the luxury of going anywhere on the server he wants.  He would need to stay in his directory and any subfolders he creates within that directory.

I am running the system I mentioned in my question.  I simply didn't know you could refer to that as a "Linux box".

Yes, the file clients support SFTP, but seem to operate the same under SFTP as they do under FTP with the functionality I described in limiting the person who logs in to their respective folder.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
It's not the client that limits which "folder" they can get to.  It is the security on the server.  This it true no matter what protocol you use, ftp or sftp.
What you want is a chrooted environment.  Here are directions on how to setup SFTP so your friend will be jailed in his home directory and not be able to move around the filesystem.

http://www.putorius.net/2011/04/how-to-chroot-users-in-sftp-server.html
Thank you all for your input.

Well, from your comments, I can see it may be a challenge to acheive what I am looking for.  I already have the user set up for SSH shell access.  Does that automatically give them access via SFTP?

I tried setting up a jailed environment for SSH, but that didn't work very well as the jail cuts my friend off from a lot of server functionality.  Seems I'd pretty much have to duplicate all programming and binaries from the server within the jailed environment, which unfortunately, seem ridiculous.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ssh is NOT meant to be setup as a chroot'ed enviroment.  As you found out there is WAY too many things you have to link to or duplicate to make ssh usable.

If you have him setup for ssh then he should be able to sftp without any additional changes on your side.  Other than he may have access to directories that you may not want him to have access too.

If you want to chroot sftp you should be able to follow:

http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/

I have never setup a chroot'ed environment for sftp, so I can't vouch for the instructions.

There are other instructions that not only setup chroot'ed sftp, but prevent users from accessing via ssh.  If you don't want him ssh'ing to your server, you may want to search for those and implement.
Thank you experts, the FTP solutions provided I'm sure would work, but since SSH is already set up on the server, we are opting for SFTP.