Solved

How to replace FTP by secureFTP on AIX

Posted on 2011-09-14
5
486 Views
Last Modified: 2012-05-12
Hi,

I have never used aix before, but my boss asked me to replace FTP by secureFTP.

I don't know where to start, can you please help me?
0
Comment
Question by:cismoney
  • 3
  • 2
5 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
Comment Utility
What exactly do you mean with secureFTP?

AIX comes with openSSH. If you installed it (it's on the Installation DVD) then you have sftp (file transfer over SSH)  already in place.

AIX's FTP is configurable to run over TLS/SSL (FTPS). It's a bit complicated, but feasible.

Or are you talking about a third-party product? If so, which one do you have in mind? vsftpd?

wmp
0
 

Author Comment

by:cismoney
Comment Utility
ok how do I know that my ftp is secure? *

how do i know that sftp is installed on the server instead of ftp (what is the command)
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
Comment Utility
1) Find out whether OpenSSH is installed:

lslpp -l "openss*"

If you see "openssh" and "openssl" it is installed.

2) Check in /etc/ssh/sshd_config for

Subsystem       sftp    /usr/bin/sftp-server

If this line is not commented out sftp is active.

3) If (1) and (2) are true your clients can use the "sftp" command instead of the "ftp" command (or configure their client applications to use sftp instead of ftp).

You could also disable the regular ftp daemon. See our other case (the .rhosts thing). It's the same procedure. Choose to disable "ftp".

wmp
0
 

Author Comment

by:cismoney
Comment Utility
how do i disable the regular ftp daemon?
0
 
LVL 68

Expert Comment

by:woolmilkporc
Comment Utility
See the last sentence in my above post and the ".rhosts" case!

"smitty inetdconf", choose "Remove an inetd Subserver", select "ftp" and go!

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now