[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 688
  • Last Modified:

How Do You Set Up FTP?

Hello Experts!

Can anyone explain to me how you can set up an FTP connection to a random directory on a server (or if this is even possible, or if it is restricted to only particular directories?)

I am running Apache 2.2.4 on a Linux system under a Centos release 6.5.
0
OmniUnlimited
Asked:
OmniUnlimited
  • 7
  • 7
  • 3
  • +3
4 Solutions
 
savoneCommented:
apache is a web server, it does not handle FTP connections.

You can use VSFTP.

https://www.digitalocean.com/community/articles/how-to-set-up-vsftpd-on-centos-6--2
0
 
Arpit BajpaiCo-founder/DirectorCommented:
Hi,
Use VSFTPD on linux server for running and maintaining FTP. It is open source.

Here is the link: https://security.appspot.com/vsftpd.html

Thanks
Arpit
0
 
OmniUnlimitedAuthor Commented:
Hello Experts!

Thanks for your input.  So I guess what both of you are saying is that I need a third-party program to do ftp.  Does anybody know what the ftp binary does in my /usr/bin/ directory?
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
giltjrCommented:
Do you want to run the ftp server on your computer so that others can connect to it and send you files or pull files from you?

Or are you trying to connect to somebody else's ftp server so you can send them files or pull files from them?

/usr/bin/ftp is a ftp client program.  It is used for you to connect to a ftp server running on another computer to send files or get files from that ftp server.
0
 
OmniUnlimitedAuthor Commented:
Well, the server is mine, and I am trying to set it up so a friend can send or get files from it.
0
 
giltjrCommented:
Arpit Bajpai suggest of VSFTPD will work.

Another option that makes a few things simpler is to use sftp.  sftp is a ftp like process using ssh.  It simpler as it only requires using one TCP port (22) whereas real FTP requires two ports.  So less ports you need to configure on your firewall to allow inbound.

sftp is also more secure as it encrypts all traffic and ftp is clear text.
0
 
MazdajaiCommented:
Does anybody know what the ftp binary does in my /usr/bin/ directory? 

Open in new window


The binary in /usr/bin is a ftp client.

From what you are describing, you may want to setup a anonymous ftp server.
0
 
giltjrCommented:
I would not suggest setting up an anonymous ftp server, too much of a security risk.

@OmniUnlimited is this for your home?  If so do you have a static IP address?  If you don't have a static IP address it may be difficult to do as your friend will need to know your IP address.  You might have to subscribe to a dynamic DNS service if your router supports it.
0
 
OmniUnlimitedAuthor Commented:
SFTP sounds good.  How do I go about setting it up?

@giltjr: The server does have a static IP address.
0
 
giltjrCommented:
If you are running Linux, then more than likely it is already there.  Most Linux distributions automatically setup sftp.

If you normal logon to your Linux box from a locally attached monitor/keyboard try issuing the command:

sftp userid@localhost

where userid is your userid.  When promoted for a password use your normal password.  If that works:

1) Setup a user-id and password for your friend.
2) If you have the firewall setup and running on your CentOS, make sure it is setup to allow TCP port 22 (a.k.a ssh)
3) Configure your router to forward port 22 to your Linux box.
4) Have your friend get a sftp client, give him your static IP address

He now does

ssh userid@x.x.x.x

where userid is the userid you setup for him and he enters the password you setup for him.

He can then do the most important function "ftp" functions:

ls
cd
put
get
0
 
OmniUnlimitedAuthor Commented:
@giltjr:  I'm sorry, but I'm getting a little confused.  You seem to be using the terms SFTP, FTP, and SSH almost synonymously.  This is what I want:

Let's say my friend has an FTP Client like Dreamweaver or Filezilla.  The only thing I want my friend to be able to do is to connect to my server using that client.  I don't want him executing server commands like ls, cd, put, etc, and I want him limited to only the directory I give to him.  How do I set this up?

I don't know what you mean by the term "Linux box", and I connect to my server from a remote station.
0
 
giltjrCommented:
sftp = "ftp" like functions provided by ssh.  You have  to install ssh to do sftp.

--> "... connection to a random directory ..."

Implies that the user is NOT fixed to a single directory, but can change directories.

--> "I am running Apache 2.2.4 on a Linux system under a Centos release 6.5. "

Are you wanting him to ftp to the above system?  If so that is the "linux box" I am talking about.  If you server is not  the linux system above, what OS is it running?

--> " FTP Client like Dreamweaver or Filezilla"

Both support using sftp. In Filezilla you select the protocol "sftp".  I have never used Dreamweaver, but I know it supports it.
0
 
OmniUnlimitedAuthor Commented:
"... connection to a random directory ..."

I'm sorry, I meant connect to a directory I choose at random for my friend, not that he would have the luxury of going anywhere on the server he wants.  He would need to stay in his directory and any subfolders he creates within that directory.

I am running the system I mentioned in my question.  I simply didn't know you could refer to that as a "Linux box".

Yes, the file clients support SFTP, but seem to operate the same under SFTP as they do under FTP with the functionality I described in limiting the person who logs in to their respective folder.
0
 
SandyCommented:
I suggest to configure PUREFTP. Robust and reliable

TY/SA
0
 
giltjrCommented:
It's not the client that limits which "folder" they can get to.  It is the security on the server.  This it true no matter what protocol you use, ftp or sftp.
0
 
savoneCommented:
What you want is a chrooted environment.  Here are directions on how to setup SFTP so your friend will be jailed in his home directory and not be able to move around the filesystem.

http://www.putorius.net/2011/04/how-to-chroot-users-in-sftp-server.html
0
 
OmniUnlimitedAuthor Commented:
Thank you all for your input.

Well, from your comments, I can see it may be a challenge to acheive what I am looking for.  I already have the user set up for SSH shell access.  Does that automatically give them access via SFTP?

I tried setting up a jailed environment for SSH, but that didn't work very well as the jail cuts my friend off from a lot of server functionality.  Seems I'd pretty much have to duplicate all programming and binaries from the server within the jailed environment, which unfortunately, seem ridiculous.
0
 
savoneCommented:
Yes, if a user can SSH into a system they automatically have access via SFTP.  SFTP is a subsystem of SSH.

What exactly do you want your friend to be able to do?  Any administration can be done via SSH.
0
 
giltjrCommented:
ssh is NOT meant to be setup as a chroot'ed enviroment.  As you found out there is WAY too many things you have to link to or duplicate to make ssh usable.

If you have him setup for ssh then he should be able to sftp without any additional changes on your side.  Other than he may have access to directories that you may not want him to have access too.

If you want to chroot sftp you should be able to follow:

http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/

I have never setup a chroot'ed environment for sftp, so I can't vouch for the instructions.

There are other instructions that not only setup chroot'ed sftp, but prevent users from accessing via ssh.  If you don't want him ssh'ing to your server, you may want to search for those and implement.
0
 
OmniUnlimitedAuthor Commented:
Thank you experts, the FTP solutions provided I'm sure would work, but since SSH is already set up on the server, we are opting for SFTP.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 7
  • 7
  • 3
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now