File Transfer Protocol (FTP) was once considered the primary method used to transfer files over a network from computer to computer. FTP is still heavily used today, although many graphical FTP clients now supplement the original text-based interface command. As computers have evolved, so has FTP, and Fedora includes many ways with which to use a graphical interface to transfer files over FTP.
This chapter contains an overview of the available FTP software included with Fedora, along with some details concerning initial set up, configuration, and use of FTP-specific clients. Fedora also includes an FTP server software package named vsftpd
, the Very Secure FTP Daemon, and a number of associated programs you can use to serve and transfer files with the FTP protocol.
The FTP protocol allows users to connect to a server, read directories and filenames, and download and upload data. If the correct access rights are set, users can also create new folders and set access permissions on them.
However, using FTP poses a security risk: Usernames and passwords are transmitted unencrypted across a LAN or the Internet. To stop users from taking the risk of giving their authentication details to anyone listening on the wire, many sites enable only anonymous FTP login and file retrieval. Many Linux users have turned to more secure alternatives, such as sshd
and sftp
or scp
, included with the OpenSSH suite. The following sections discuss the different types of newer and traditional interfaces to FTP and their usage. Because they are part of the larger OpenSSH collection, the sftp
and scp
commands are covered in Chapter 19, “Remote Access with SSH and Telnet.”
Using the text-based FTP interface helps you understand what each action in a graphical FTP session does. This understanding can be handy when, for example, the graphic client does not automatically detect the file type being transferred. In this situation, a binary file is transferred as an ASCII file and is therefore useless. Conversely, an ASCII file transferred as a binary prints the ^M
control character at the end of each line. This error typically occurs when transferring files from older Microsoft Windows operating systems to Linux because the Windows FTP client defaulted to ASCII, not binary transfers.
Some of the following common commands may be used in a typical FTP session:
ascii
—. Sets an ASCII file transfer type for the FTP session. You use this command before file transfers when sending or receiving text files.
bin
—. Sets a binary file-type transfer for the FTP session. Use it before file transfers to send or receive binary files such as graphics images or compressed archives.
close
—. Closes a connection to a remote server during an FTP session. Use this command instead of quit
or bye
to return to the ftp
command prompt.
get
—. Initiates a transfer of a single file from the FTP server to the user’s local machine. Use this command to retrieve a single file (such as get cartoon.jpg
).
hash
—. Sets use of a hash mark (#
) during file transfer. Use this command to get a visual indication of the progress of a transfer.
mget
—. Initiates a transfer of multiple files from the FTP server to the user’s local machine. Use this command to download (receive) multiple files with a single command (such as mget *.jpg
).
mput
—. Initiates a transfer of multiple files from the user’s local machine to the FTP server. Use this command to upload (send) multiple files with a single command (such as mput *.jpg
).
open
—. Opens a connection to a remote server using an IP address or hostname. Use this command when working at the ftp
command prompt (such as open ftp.redhat.com
).
prompt
—. Is an interactive command that asks the user for input on whether to get a specific file when the mput
or mget
command is issued. If the user initiates an mget *
, with prompting on, the FTP client prompts the user to transfer each file that the *
wildcard matches. This can be particularly useful when several files in a directory need to be transferred, with one or two files that are unwanted. By default, prompting is turned on.
put
—. Initiates the transfer of a single file from the user’s local machine to the FTP server. Use this command to upload (send) a single file (such as put inventory.doc
).
quit
—. Use this command to close the FTP connection and quit the ftp
command.
These are just some of the commands available during an FTP session. By typing help
, the user can see a full list of valid commands. Typing help command-name
displays a brief description of what that command does. Listing 24.1 shows the help
output.
Example 24.1. The Commands Listed by help
in an FTP Session
Commands may be abbreviated. Commands are: ! cr mdir proxy send $ delete mget sendport site account debug mkdir put size append dir mls pwd status ascii disconnect mode quit struct bell form modtime quote system binary get mput recv sunique bye glob newer reget tenex case hash nmap rstatus trace ccc help nlist rhelp type cd idle ntrans rename user cdup image open reset umask chmod lcd passive restart verbose clear ls private rmdir ? close macdef prompt runique cprotect mdelete protect safe
Connecting to a remote FTP server can require a username and password, but many servers also provide anonymous access. A properly configured remote FTP server responds quickly to FTP requests, and displays shared directories and files. This section shows a sample FTP session with a typical server found at many Internet sites (in this case, running the wu-ftpd
server).
You connect to a remote FTP server by using the ftp
command along with either the IP address or hostname of the remote computer, like so:
$ ftp pheniox Connected to pheniox. 220 pheniox FTP server (Version wu-2.6.1-18) ready. Name (pheniox:tdc): anonymous 331 Guest login ok, send your complete e-mail address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp>
In this example, ftp
is used to connect and then log in using anonymous access. This is done by entering the word anonymous
at the Name
prompt. After you press Enter, a password prompt is displayed. When using anonymous access, it is considered good form to enter your email address as a courtesy. There is no validation of the address entered, but many FTP servers are configured to accept only a valid email address form (that is, [email protected]
) if any text is typed at the prompt.
Many FTP servers accept a simple press of the Enter key at the password prompt if accessed anonymously.
Now that a connection has been established and authenticated to the server, you can set up your FTP session to work the way you want it to. As mentioned in the previous section, the ftp
command has many different built-in commands, which you can view by typing a question mark at the ftp>
prompt. These commands can affect the session display, set the type of file transfer, or obtain information about the remote server.
ftp> hash Hash mark printing on (1024 bytes/hash mark). ftp> prompt Interactive mode off. ftp> bin 200 Type set to I.
In this example, you have told ftp
to print a hash (#
) character for every 1024 bytes that are transferred, turn off prompting, and set the transfer type to binary (which should be on by default). The hash character display provides a visual indicator of the progress of your downloads and uploads. Turning off prompting allows you to send and retrieve multiple files without the need to confirm each transfer. Setting the transfer type to binary ensures that binary files are transferred in the proper format instead of text, which means that executable files and pictures transfer correctly.
Next, you ask the server to show a listing of what directories and files are available on the server:
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for directory listing.
total 32
d--x--x--x 2 root root 4096 Aug 31 07:15 bin
d--x--x--x 2 root root 4096 Aug 31 07:15 etc
d--x--x--x 2 root root 4096 Aug 31 04:44 lib
d--x-x---x 2 root 50 4096 Sep 3 07:34 pub
226 Transfer complete.
If directory permissions in the FTP repository are set correctly, the pub
directory should be the only directory that shows any files under it. To verify this, change directories to etc
and list the contents:
ftp> cd etc 250 CWD command successful. ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for directory listing. total 0 226 Transfer complete.
By setting the permissions to execute only on the directories bin
, lib
, and etc
, a system administrator can restrict users from seeing any files in those directories. Good security dictates that remote users be denied information about a system because any information could aid in hacking attempts.
Now that you see the server is relatively secure, change directories to pub
and list its contents:
ftp> cd pub 250-Please read the file README 250- it was last modified on Sun Sep 2 19:25:47 2001 - 1 day ago 250 CWD command successful. ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for directory listing. total 552 -rw-r--r-- 1 root 50 100 Sep 2 19:25 README -rw-r--r-- 1 root 50 8 Sep 3 07:33 configuration -rw-r--r-- 1 root 50 8 Sep 3 07:33 temp.txt -rw-r--r-- 1 root 50 15798 Sep 3 10:29 tftp-0.17-14.i386.rpm -rw-r--r-- 1 root 50 26011 Sep 3 10:30 tftp- server-0.17-14.i386.rpm -rw-r--r-- 1 root 50 219332 Sep 3 10:29 wu-ftpd- 2.6.1-22.i386.rpm226 Transfer complete.
To transfer all the RPM files to your local machine, issue the mget *.rpm
command:
ftp> mget *.rpm
local: tftp-0.17-14.i386.rpm remote: tftp-0.17-14.i386.rpm
200 PORT command successful.
150 Opening BINARY mode data connection for tftp-0.17-14.i386.rpm
(15798 bytes).###############
226 Transfer complete.
15798 bytes received in 0.974 secs (16 Kbytes/sec)
local: tftp-server-0.17-14.i386.rpm remote: tftp-server-0.17-
14.i386.rpm
200 PORT command successful.
150 Opening BINARY mode data connection for tftp-server-0.17-
14.i386.rpm (26011 bytes).
#########################
226 Transfer complete.
26011 bytes received in 2.5 secs (10 Kbytes/sec)
local: wu-ftpd-2.6.1-22.i386.rpm remote: wu-ftpd-2.6.1-
22.i386.rpm
200 PORT command successful.
150 Opening BINARY mode data connection for wu-ftpd-2.6.1-
22.i386.rpm (219332 bytes).
#################################################################
#################################################################
#################################################################
###################
226 Transfer complete.
219332 bytes received in 50.3 secs (4.3 Kbytes/sec)
As described before, the mget
command transferred all files with the .rpm
extension to our local machine. Furthermore, it did not prompt us to confirm each file because we turned off prompting. The ftp
client printed a #
for each 1024 bytes transferred to our machine. This is helpful when transferring over a slow connection because you get a visual reminder that your connection is still active.
After every action, the FTP server returns a status code and brief message showing the result of the command you issued. You can find a listing of all status codes and their corresponding messages in Request for Comments 959; you can access a copy of this listing at http://www.ietf.org/rfc/rfc959.txt.
Now you are finished with this session; you can issue the command quit
or bye
to end the session. The FTP server informs you of how many bytes your session transfers, how many files, and the total transferred data (in bytes) between your local machine and the server.
ftp> bye
221-You have transferred 503818 bytes in 5 files.
221-Total traffic for this session was 506422 bytes in 7 transfers.
221 Thank you for using the FTP service on pheniox.
This is a simple example, but average FTP sessions are similarly trivial. Several other commands are available during an FTP session, but they are rarely used. FTP has the capability to take scripted input and define macros that allow for a much more complicated session.
The lftp
command can be used for file transfers using FTP, HTTP, and various secure protocols such as HTTPS and HFTP if a remote proxy is enabled. Two great features of this command are the ability to restart a stalled download in the middle of a file transfer, as well as to start and run multiple downloads in a single session (with job control).
For example, here is a simple session showing an HTTP retrieval from a remote computer running the Apache web server:
$ lftphttp://192.168.2.37 cd ok, cwd=/ lftp 192.168.2.37:/> ls -rw-r--r-- -- manual/mod/core.html -rw-r--r-- -- manual/index.html -rw-r--r-- -- icons/apache_pb.gif -rw-r--r-- -- poweredby.png lftp 192.168.2.37:/> get poweredby.png 1154 bytes transferred lftp 192.168.2.37:/> bye
The lftp
command can also be used as a traditional FTP client, but with some interesting features:
$ lftp 192.168.2.67 -u phudson Password: lftp [email protected]:~> cd /d2/isos/redhat/limbo cd ok, cwd=/d2/isos/redhat/limbo lftp [email protected]:/d2/isos/redhat/limbo> mget disc1 & [0] mget *disc1* & lftp [email protected]:/d2/isos/redhat/limbo> jobs [0] mget *disc1* 'limbo-i386-disc1.iso' at 56436448 (8%) 1.08M/s eta:9m [Receiving data] lftp [email protected]:/d2/isos/redhat/limbo> bye [1843] Moving to background to complete transfers... $ ps aux | fgrep lftp phudson 1843 7.6 1.0 5456 2404 ? S 19:09 0:02 lftp 192.168.2.67
A username (and password) can be passed on the command line using the -u
option. You can use this feature to reduce the amount of interactive typing required when retrieving remote files, as an aid when using lftp
in shell scripts, and when retrieving files with lftp
as a background process.
By using an ampersand (&
), the retrieval is conducted in the background, as shown in the preceding example. The jobs
command is used to show current transfers. If a user logs out of the session (using the bye
command), the file transfer continues as a background process if it has not completed. (This is verified by using the ps
command.)
The lftp
client has many additional features that can make the job of transferring files easier than using other FTP clients.
The wget
command is used for file transfers using FTP, HTTP, and various secure protocols such as HTTPS and HFTP if a remote proxy is enabled. However, wget
supports only noninteractive transfers, unlike other FTP clients. This is actually a feature because wget
can be used to download files as a background process and to recursively replicate remote file directories. The command also supports download completion of partially downloaded files, which can save a lot of time during periods of intermittent connectivity or broken connections.
For example, here is a simple invocation showing FTP retrieval from a remote computer using wget
and an FTP URL:
$ wget ftp://phudson:mypasswd@stinky/mp3/*
--13:13:28-- ftp://phudson:*password*@stinky/mp3/*
=> `.listing'
Resolving stinky... done.
Connecting to stinky[192.168.2.33]:21... connected.
Logging in as phudson ... Logged in!
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done. ==> CWD /home/paul/mp3 ... done.
==> PORT ... done. ==> LIST ... done.
[ <=> ] 648 632.81K/s
13:13:28 (632.81 KB/s) - `.listing' saved [648]
Removed `.listing'.
--13:13:28-- ftp://phudson:*password*@stinky/mp3/C31821-01A.mp3
=> `C31821-01A.mp3'
==> CWD not required.
==> PORT ... done. ==> RETR C31821-01A.mp3 ... done.
Length: 5,172,089
60% [=====================> ] 3,123,680 264.80K/s ETA 00:07
In this example, the user retrieves all files in a directory named mp3
(under /home/paul
) on the remote host named stinky
. The wget
command first retrieves a directory listing, and then proceeds to download the specified files (all marked with *
in this example). Note that you can specify a username and password (mypasswd
in the example) on the command. This generally is not a good idea. A better, but still not really secure, approach is to save the password in a file named .wgetrc
in your home directory. See the wget
man page for more information, or check the only documentation at http://www.gnu.org/software/wget/manual/wget-1.8.1/html_mono/wget.html.
Another popular use for wget
is downloading complete copies of websites for offline reading, although it is not very friendly toward website owners who have to pay for all the bandwidth!
To download an entire site, you need to specify the --mirror
, --convert-links
, and -p
parameters, followed by the URL of the site to download. The first parameter tells wget
to download all the pages and pictures from the site, following links as it can. The second tells it to rewrite the HTML so that it works when browsed locally. The last parameter, -p
, tells wget
to download all the files referenced in the HTML, such as sounds, CSS files, and other related documents. You might also want to specify the -w
parameter, which allows you to specify a number of seconds between individual wget
requests; this stops your download from overloading the web server.
So, the complete command to download a website (for example, www.example.com) would be wget --mirror --convert-links -p -w 2 http://www.example.com/
.
Many graphical FTP clients are available for Linux. Fedora includes the graphical gFTP client and network-aware browsers included with GNOME and KDE. These browsers feature built-in drag-and-drop capability, thus ensuring FTP functionality. Other graphical interface clients that can be used for FTP include the Mozilla web browser, KDE’s Konqueror, GNOME’s Epiphany, and the Nautilus file manager.
The GNOME gFTP client provides all the typical features of FTP, including the capability to save profiles of common connections. Figure 24.1 shows a typical gFTP session in action. On the left panel is the local host, and on the right panel is the remote server. A connection is initiated by typing the address of the host into the host field, a specific port if not the standard FTP port (21), a valid username for the server, and a password. After the information is entered, clicking the icon that looks like a monitor starts the connection to the server. The bottom panel displays session information, such as changing directories, as shown in Figure 24.1.
gFTP sets the file type as binary by default, which can be changed by clicking ASCII in the FTP drop-down menu. To upload a file to the server, the user clicks a filename in the left panel and clicks the right arrow icon. The file is then transferred to the server, and the right panel is updated to reflect this new file being added to the server. Similarly, to download a file from the server, the user selects the correct file type from the drop-down menu, selects the file to be downloaded, and clicks the left arrow icon. The left panel is then updated to show the result of the transfer, with logging information shown in the bottom panel.
After all files are uploaded or downloaded, you must close the session. Do this by clicking the red button on the top right of the application window to issue the quit command. gFTP displays the session summary information in the log panel at the bottom of the application. You can also close the session simply by exiting gFTP.
Both KDE and GNOME file browsers have integrated FTP functionality built in. Use an ftp://
URL followed by a server name or IP address to start an anonymous FTP session. The drag-and-drop feature of KDE and the GNOME window manager allows users to select remote files and drag them to the desktop.
KDE’s Konqueror web browser is capable of handling a number of networking and file transfer protocols, including FTP. You can configure various settings for this browser, such as the appearance of the browser’s toolbar, but one of Konqueror’s best features is its flexibility for file transfers.
Start the browser by clicking its icon on the KDE’s kicker desktop panel or by typing the following at the command line:
$ konqueror &
After launching the client, you can use the ftp://
URL form to access remote servers, as shown in Figure 24.2.
If your window manager does not support drag and drop, you can use Konqueror’s Copy Files feature to retrieve a file. First, you type in an FTP URL (such as ftp://ftp.tux.org). Next, navigate to a desired directory and click to select a desired file. You then click the Edit menu’s Copy Files menu item (or press F7). A Save dialog appears, and you can select your home directory to save the file. After you press Enter, a file download progress dialog is displayed while the file is being retrieved.
You can also use the Nautilus browser to retrieve files from a remote server. Figure 24.3 shows an anonymous login to a remote FTP server using Nautilus. Browse to a remote FTP server by going to the File menu, and then selecting Connect to Server (Public FTP is the default server type). Simply click to select a file, select Copy from the Edit menu (or press Ctrl+C), click to go to your home directory (using the icon in the Nautilus toolbar), and then click Paste (or press Ctrl+V) to retrieve and save the file.
These types of intuitive features can shield users from needing to know the details of how FTP works or memorizing various commands.
FTP uses a client/server model. As a client, FTP accesses a server, and as a server, FTP provides access to files or storage. Just about every computer platform available has software written to enable a computer to act as an FTP server, but Fedora provides the average user the ability to do this without paying hefty licensing fees and without regard for client usage limitations.
There are two types of FTP servers and access: standard and anonymous. A standard FTP server requires an account name and password from anyone trying to access the server. An anonymous server allows anyone to connect to the server to retrieve files. Anonymous servers provide the most flexibility, but they can also present a security risk. Fortunately, as you will read in this chapter, Fedora is set up to use proper file and directory permissions and commonsense default configuration, such as disallowing root
to perform an FTP login.
Many Linux users now use OpenSSH and its suite of clients, such as the sftp
command, for a more secure solution when transferring files. The OpenSSH suite provides the sshd
daemon and enables encrypted remote logins (see Chapter 19 for more information).
When you are preparing to set up your FTP server, you must first make the decision to install either the authenticated or anonymous service. Authenticated service requires the entry of a valid username and password for access. As previously mentioned, anonymous service allows the use of the username anonymous
and an email address as a password for access.
Authenticated FTP servers provide some measure of secure data transfer for remote users, but require maintenance of user accounts as username and passwords are used. Anonymous FTP servers are used when user authentication is not needed or necessary, and can be helpful in providing an easily accessible platform for customer support or public distribution of documents, software, or other data.
If you use an anonymous FTP server in your home or business Linux system, it is vital that you properly install and configure it to retain a relatively secure environment. Sites that host anonymous FTP servers generally place them outside the firewall on a dedicated machine. The dedicated machine contains only the FTP server and should not contain data that cannot be restored quickly. This dedicated-machine setup prevents malicious users who compromise the server from obtaining critical or sensitive data. For an additional, but by no means more secure setup, the FTP portion of the file system can be mounted read-only from a separate hard drive partition or volume, or mounted from read-only media, such as CD-ROM, DVD, or other optical storage.
The Very Secure vsftpd
server, like wu-ftpd
(also discussed in this chapter), is licensed under the GNU GPL. The server can be used for personal or business purposes. Other FTP servers are available for Fedora, but only vsftpd
comes bundled with this book’s DVD. The wu-ftpd
and vsftpd
servers will be covered in the remainder of this chapter.
One alternative server is NcFTPd, available from http://www.ncftp.com. This server operates independently of xinetd
(typically used to enable and start the wu-ftp
server) and provides its own optimized daemon. Additionally, NcFTPd has the capability to cache directory listings of the FTP server in memory, thereby increasing the speed at which users can obtain a list of available files and directories. Although NcFTPd has many advantages over wu-ftpd
, NcFTPd is not GPL licensed software, and its licensing fees vary according to the maximum number of simultaneous server connections ($199 for 51 or more concurrent users and $129 for up to 50 concurrent users, but free to education institutions with a compliant domain name). Because of this licensing, NcFTPd is not packaged with Fedora—you will not find it on this book’s DVD.
Do not confuse the ncftp
client with ncftpd
. The ncftp-3.1.7-4
package included with Fedora is the client software, a replacement for ftp-0.17-22
, and includes the ncftpget
and ncftpput
commands for transferring files via the command line or by using a remote file uniform resource locator address. ncftpd
is the FTP server, which can be downloaded from www.ncftpd.com
.
Another FTP server package for Linux is ProFTPD, licensed under the GNU GPL. This server works well with most Linux distributions and has been used by a number of Linux sites, including ftp.kernel.org
and ftp.sourceforge.net
. ProFTPD is actively maintained and updated for bug fixes and security enhancements. Its developers recommend that you use the latest release (1.2.10 at the time of this writing) to avoid exposure to exploits and vulnerabilities. Browse to http://www.proftpd.org to download a copy.
Yet another FTP server package is Bsdftpd-ssl
, which is based on the BSD ftpd
(and distributed under the BSD license). Bsdftpd-ssl
offers simultaneous standard and secure access using security extensions; secure access requires a special client. For more details, browse to http://bsdftpd-ssl.sc.ru/.
Finally, another alternative is to use Apache and the HTTP protocol for serving files. Using a web server to provide data downloads can reduce the need to monitor and maintain a separate software service (or directories) on your server. This approach to serving files also reduces system resource requirements and gives remote users a bit more flexibility when downloading (such as enabling them to download multiple files at once). See Chapter 21, “Apache Web Server Management,” for more information about using Apache.
As part of the Workstation installation, the client software for FTP is already installed. You can verify that FTP-related software is installed on your system by using the RPM (Red Hat Package Manager), grep
, and sort
commands in this query:
$ rpm -qa | grep ftp | sort
The sample results might differ, depending on what software packages are installed. In your Fedora file system, the /usr/bin/pftp
file is symbolically linked to /usr/bin/ftp
as well as the vsftpd
server under the /usr/sbin
directory. The base anonymous FTP directory structure is located under the /var/ftp
directory. Other installed packages include additional text-based and graphical FTP clients.
If vsftpd
is not installed, you can find it under Servers, FTP Server in the Add/Remove Software dialog.
If you host an FTP server connected to the Internet, make it a habit to always check the Fedora site, http://fedora.redhat.com, for up-to-date system errata and security and bug fixes for your server software.
Because the anonftp
and wu-ftpd
RPM packages are not included with Fedora, you must download and install them if you want to use the wu-ftpd
server. Retrieve the most recent packages for Linux from http://www.wu-ftpd.org/ to build from the latest source code or obtain RPM packages from a reputable mirror.
Refer to Chapter 7, “Managing Software,” for information on how to use RPM packages, and see Chapter 33, “C/C++ Programming Tools for Fedora,” for how to build software packages from source code archives.
After installing Fedora, an FTP user is created. This user is not a normal user per se, but a name for anonymous FTP users. The FTP user entry in /etc/passwd
looks like
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
The FTP user, as discussed here, applies to anonymous FTP configurations and server setup.
Also, note that other Linux distributions might use a different default directory, such as /usr/local/ftp
, for FTP files and anonymous users.
This entry follows the standard /etc/passwd
entry: username, password, user ID, group ID, comment field, home directory, and shell. To learn more about /etc/password
, see the section “The Password File” in Chapter 14, “Managing Users.”
Each item in this entry is separated by colons. In the preceding example, you can see that the Fedora system hosting the server uses shadowed password
because an x
is present in the traditional password field. The shadow password system is important because it adds an additional level of security to Fedora; the shadow password system is normally installed during the Fedora installation.
The FTP server software uses this user account to assign permissions to users connecting to the server. By using a default shell of /sbin/nologin
(as opposed to /bin/bash
or some other standard interactive shell) for anonymous FTP users, those users will be unable to log in as regular users. /sbin/nologin
is not a shell, but a program usually assigned to an account that has been locked. As root inspection of the /etc/shadow
file shows (see Listing 24.2), it is not possible to log in to this account, denoted by the use of *
as the password.
Example 24.2. Shadow Password File ftp
User Entry
#
cat /etc/shadow
bin:*:11899:0:99999:7:::
daemon:*:11899:0:99999:7:::
adm:*:11899:0:99999:7:::
lp:*:11899:0:99999:7:::
...
ftp:*:12276:0:99999:7:::
...
The shadow file (only a portion of which is shown in Listing 24.2) contains additional information not found in the standard /etc/passwd
file, such as account expiration, password expiration, whether the account is locked, and the encrypted password. The *
in the password field indicates that the account is not a standard login account; thus, it does not have a password.
Although shadow passwords are in use on the system, passwords are not transmitted in a secure manner when using FTP. Because FTP was written before the necessity of encryption and security, it does not provide the mechanics necessary to send encrypted passwords. Account information is sent in plain text on FTP servers; anyone with enough technical knowledge and a network sniffer can find the password for the account you connect to on the server. Many sites use an anonymous-only FTP server specifically to prevent normal account passwords from being transmitted over the Internet.
Figure 24.4 shows a portion of an ethereal
capture of an FTP session where you can see it has caught a user’s password being sent in clear text. The ethereal
client is a graphical browser used to display network traffic in real-time, and it can be used to watch packet data, such as an FTP login on a LAN.
xinetd
(pronounced “zy-net-d”) is the extended Internet services daemon, and handles incoming connections for network services. xinetd
is the preferred replacement for a similar tool (used with other Linux distributions and older Red Hat releases) called inetd
. However, in addition to several other improvements over inetd
, xinetd
allows you to apply individual access policies to different network connection requests, such as FTP.
This daemon controls a number of services on your system according to settings in configuration files under the /etc/xinetd.d
directory. This section shows you how to edit the appropriate files to enable the use of the wu-ftpd
FTP server.
When installing wu-ftp
using RPM, the RPM package might contain a xinetd
configuration file, /etc/xinetd.d/wu-ftpd
, as seen in Listing 24.3. You need to edit the file because its default settings disable incoming FTP requests.
Do not be confused by the first line of the wu-ftpd
file’s text. Even though the line reads default: on
, FTP service is off unless you specifically configure its use. The line is a comment because it begins with a pound sign (#
) and is ignored by xinetd
. Whether FTP service is on is determined by the text line disable = yes
.
Example 24.3. xinetd
Configuration File for wu-ftpd
# default: on # description: The wu-ftpd FTP server serves FTP connections. It uses # normal, unencrypted usernames and passwords for authentication. service ftp { disable = yes socket_type = stream wait = no user = root server = /usr/sbin/in.ftpd server_args = -l -a log_on_success += DURATION nice = 10 }
Using an editor, change the disable = yes
line to disable = no
. Save the file and exit the editor. You then must restart xinetd
because configuration files are parsed only at startup. To restart xinetd
as root, issue the command /etc/rc.d/init.d/xinetd restart
. This makes a call to the same shell script that is called at any runlevel to start or stop the xinetd
daemon (and thus start up or shut down the system). xinetd
should report its status as
# /etc/rc.d/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
After it is restarted, the FTP server is accessible to all incoming requests.
Previous versions of Red Hat’s Linux distributions required you to edit a file named vsftp
under the /etc/xinetd.d
directory in order to enable and start the Very Secure FTP server, vsftpd
. With Fedora, you can now simply use the system-config-services
client or service
command to start vsftpd
. For example, start the server using the service
command like this:
# service vsftpd start
Starting vsftpd for vsftpd: [ OK ]
Use the system-config-services
client or service
command to start, stop, or restart the vsftpd
server. Do not run two FTP servers on your system at the same time!
You can also use the shell script named vsftpd
under the /etc/rc.d/init.d
directory to start, stop, restart, and query the vsftpd
server. You must have root permission to use the vsftpd
script to control the server, but any user can query the server (to see whether it is running and to see its process ID number) using the status
keyword like this:
$ /etc/rc.d/init.d/vsftpd status
The vsftpd
server, although not as popular as wu-ftpd
, is used by Red Hat, Inc. for its FTP server operations. (The vsftpd
server home page is located at http://vsftpd.beasts.org/.) The server offers features such as simplicity, security, and speed. It has been used by a number of sites, such as ftp.debian.org
, ftp.gnu.org
, rpmfind.net
, and ftp.gimp.org
. Note that despite its name, the Very Secure FTP server does not enable use of encrypted usernames or passwords.
Its main configuration file is vsftpd.conf
, which resides under the /etc/vsftpd
directory. The server has a number of features and default policies, but these can be overridden by changing the installed configuration file.
By default, anonymous logins are enabled, but users are not allowed to upload files, create new directories, or delete or rename files. The configuration file installed by Fedora allows local users (that is, users with a login and shell account) to log in and access their home directory. This configuration presents potential security risks because usernames and passwords are passed without encryption over a network. The best policy is to deny your users access to the server from their user accounts. The standard vsftpd
configuration disables this feature.
Toggling anonymous access features for your FTP server is done by editing the vsftpd.conf
file and changing related entries to YES
or NO
in the file. Settings to control how the server works for anonymous logins include
anonymous_enable
—. Enabled by default. Use a setting of NO
, and then restart the server to turn off anonymous access.
anon_mkdir_write_enable
—. Allows or disallows creating of new directories.
anon_other_write_enable
—. Allows or disallows deleting or renaming of files and directories.
anon_upload_enable
—. Controls whether anonymous users can upload files (also depends on the global write_enable
setting). This is a potential security and liability hazard and should rarely be used; if enabled, consistently monitor any designated upload directory.
anon_world_readable_only
—. Allows anonymous users to download only files with world-readable (444) permission.
After making any changes to your server configuration file, make sure to restart the server; doing so forces vsftpd
to reread its settings.
You can edit vsftpd.conf
to enable, disable, and configure many features and settings of the vsftpd
server, such as user access, filtering of bogus passwords, and access logging. Some features might require the creation and configuration of other files, such as
/etc/vsftpd.user_list
—. Used by the userlist_enable
and/or the userlist_deny
options; the file contains a list of usernames to be denied access to the server.
/etc/vsftpd.chroot_list
—. Used by the chroot_list_enable
and/or chroot_local_user
options, this file contains a list of users who are either allowed or denied access to a home directory. An alternative file can be specified using the chroot_list_file
option.
/etc/vsftpd.banned_emails
—. A list of anonymous password entries used to deny access if the deny_email_enable
setting is enabled. An alternative file can be specified using the banned_email
option.
/var/log/vsftpd.log
—. Data transfer information is captured to this file if logging is enabled using the xferlog_enable
setting.
The contents of a file named .message
(if it exists in the current directory) are displayed when a user enters the directory. This feature is enabled in the installed configuration file, but disabled by the daemon. FTP users are also not allowed to perform recursive directory listings, which can help reduce bandwidth use.
The PASV data connection method is enabled to let external users know the IP address of the FTP server. This is a common problem when using FTP from behind a firewall/gateway using IP masquerading or when incoming data connections are disabled. For example, here is a connection to an FTP server (running ProFTPD), an attempt to view a directory listing, and the resulting need to use ftp
’s internal passive
command:
$ ftp ftp.tux.org Connected to gwyn.tux.org. 220 ProFTPD 1.2.5rc1 Server (ProFTPD on ftp.tux.org) [gwyn.tux.org] 500 AUTH not understood. KERBEROS_V4 rejected as an authentication type Name (ftp.tux.org:gbush): gbush 331 Password required for gbush. Password: 230 User gbush logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp> cd public_html 250 CWD command successful. ftp> ls 500 Illegal PORT command. ftp: bind: Address already in use ftp> ftp> pass Passive mode on. ftp> ls 227 Entering Passive Mode (204,86,112,12,187,89). 150 Opening ASCII mode data connection for file list -rw-r--r-- 1 gbush gbush 8470 Jan 10 2000 LinuxUnleashed.gif -rw-r--r-- 1 gbush gbush 4407 Oct 4 2001 RHU72ed.gif -rw-r--r-- 1 gbush gbush 6732 May 18 2000 SuSEUnleashed.jpg -rw-r--r-- 1 gbush gbush 6175 Jan 10 2000 TYSUSE.gif -rw-r--r-- 1 gbush gbush 3135 Jan 10 2000 TZones.gif ...
Browse to http://slacksite.com/other/ftp.html for a detailed discussion regarding active and passive FTP modes and the effect of firewall blocking of service ports on FTP server and client connections.
Other default settings are that specific user login controls are not set, but you can configure the controls to deny access to one or more users.
The data transfer rate for anonymous client access is unlimited, but a maximum rate (in bytes per second) can be set using the anon_max_rate
setting in vsftpd.conf
. This can be useful for throttling bandwidth use during periods of heavy access. Another default is that remote clients are logged out after five minutes of idle activity or a stalled data transfer. You can set idle and transfer timeouts (stalled connections) separately.
Other settings that might be important for managing your system’s resources (networking bandwidth or memory) when offering FTP access include
dirlist_enable
—. Toggles directory listings on or off.
dirmessage_enable
—. Toggles display of a message when user enters a directory. A related setting is ls_recurse_enable
, which can be used to disallow recursive directory listings.
download_enable
—. Toggles downloading on or off.
max_clients
—. Sets a limit on the maximum number of connections.
max_per_ip
—. Sets a limit on the number of connections from the same IP address.
wu-ftp
uses a number of configuration files to control how it operates, including the following:
ftpaccess
—. Contains the majority of server configuration settings
ftpconversions
—. Contains definitions of file conversions during transfers
ftphosts
—. Holds settings to control user access from specific hosts
These files may be created in the /etc
directory during RPM installation, or may be created by a system administrator. The following sections describe each of these files and how to use the commands they contain to configure the wu-ftp
server so that it is accessible to all incoming requests.
When configuring an anonymous FTP server, it is extremely important to ensure that all security precautions are taken to prevent malicious users from gaining privileged level access to the server. Although this chapter shows you how to configure your FTP server for secure use, all machines connected to the Internet are potential targets for malicious attacks. Vulnerable systems can be a source of potential liability, especially if anyone accesses and uses them to store illegal copies of proprietary software—even temporarily. There is little value in configuring a secure FTP server if the rest of the system is still vulnerable to attack. Use Red Hat’s lokkit
or system-config-securitylevel
client to implement a firewall on your system.
Before editing the FTP server files, make a backup file first. Also, it is always a good idea to comment out (using a pound sign at the beginning of a line) what is changed instead of deleting or overwriting entries. Follow these comments with a brief description why the change was made. This leaves a nice audit trail of what was done, by whom, when, and why. If you have any problems with the configuration, these comments and details can help you troubleshoot and return to valid entries if necessary. You can use the rpm
command or other Linux tools (such as mc
) to extract a fresh copy of a configuration file from the software’s RPM archive. Be aware, however, that the extracted version replaces the current version and overwrites your configuration changes.
Back up the FTP server configuration files to another machine, in case any of the working copies should become corrupt. There might be a need to replicate server configurations across multiple hosts or revert back to an original copy of the defaults at some point in time. By making regular backups before changing a file, you guarantee that the changes can be undone and a working server restored with minimal downtime.
The ftpaccess
file contains most of the server configuration details. Each line contains a definition or parameter that is passed to the server to specify how the server is to operate. The directives can be broken down into the following categories, including
Access Control—. Settings that determine who can access the FTP server and how it is accessed
Information—. Settings that determine what information is provided by the server or displayed to a user
Logging—. Settings that determine whether logging is enabled and what information is logged
Permission Control—. Settings that control the behavior of users when accessing the server; in other words, what actions users are allowed to perform, such as create a directory, upload a file, delete a file or directory, and so on
You can edit the ftpaccess
file at the command line to make configuration changes in any of these categories. The following sections describe some configuration changes and how to edit these files to accomplish them.
Controlling which users can access the FTP server and how they can do so are critical parts of system security. Use the following entries in the ftpaccess
file to specify to which group the user accessing the server is assigned.
This command imposes increased security on the anonymous user:
autogroup <groupname> <class> [<class>]
If the anonymous user is a member of a group, he is allowed access to only files and directories owned by him or his group. The group must be a valid group from /etc/groups
or /var/ftp/etc/groups
.
This command defines a class of users by the address to which the user is connected:
class <class> <typelist> <addrglob> [<addrglob>]
There might be multiple members for a class of users, and multiple classes might apply to individual members. When multiple classes apply to one user, the first class that applies is used.
The typelist
field is a comma-separated list of the keywords anonymous
, guest
, and real
. anonymous
applies to the anonymous user, and guest
applies to the guest access account, as specified in the guestgroup
directive. real
defines those users who have a valid entry in the /etc/passwd
file.
The addrglob
field is a regular expression that specifies addresses to which the class is to be applied. The (*
) entry specifies all hosts.
Sometimes it is necessary to block entire hosts from accessing the server. This can be useful to protect the system from individual hosts or entire blocks of IP addresses, or to force the use of other servers. Use this command to do so:
deny <addrglob> <message_file>
deny
always denies access to hosts that match a given address.
addrglob
is a regular expression field that contains a list of addresses, either numeric or a DNS name. This field can also be a file reference that contains a listing of addresses. If the address is a file reference, it must be an absolute file reference; that is, starting with a /
. To ensure that IP addresses can be mapped to a valid domain name, use the !nameserver
parameter.
A sample deny
line resembles the following:
deny *.exodous.net /home/ftp/.message_exodous_deny
This entry denies access to the FTP server from all users who are coming from the exodous.net domain, and displays the message contained in the .message_exoduous_deny
file in the /home/ftp
directory.
The guestgroup
line assigns a given group name or group names to behave exactly like the anonymous user. Here is the command:
guestgroup <groupname> [<groupname>]
This command confines the users to a specific directory structure in the same way anonymous users are confined to /var/ftp
. This command also limits these users to access files for which their assigned group has permissions.
The groupname
parameter can be the name of a group or that group’s corresponding group ID (GID). If you use a GID as the groupname
parameter, put a percentage symbol (%
) in front of it. You can use this command to assign permissions to a range of group IDs, as in this example:
guestgroup %500-550
This entry restricts all users with the group IDs 500–550 to being treated as a guest group, rather than individual users. For guestgroup
to work, you must set up the users’ home directories with the correct permissions, exactly like the anonymous FTP user.
The guestuser
line works exactly like the guestgroup
command you just read about, except it specifies a user ID (UID) instead of a group ID. Here’s the command:
guestuser <username> [<username>]
This command limits the guest user to files for which the user has privileges. Generally, a user has more privileges than a group, so this type of assignment can be less restrictive than the guestgroup
line.
limit
restricts the number of users in a class during given times. Here is the command, which contains fields for specifying a class, a number of users, a time range, and the name of a text file that contains an appropriate message:
limit <class> <n> <times> <message_file>
If the specified number of users from the listed class is exceeded during the given time period, the user sees the contents of the file given in the message_file
parameter.
The times
parameter is somewhat terse. Its format is a comma-delimited string in the form of days, hours. Valid day strings are Su
, Mo
, Tu
, We
, Th
, Fr
, Sa
, and Any
. The hours string is formatted in a 24-hour format. An example is as follows:
limit anonymous 10 MoTuWeThFr,Sa0000-2300 /home/ftp/.message_limit_anon_class
This line limits the anonymous class to 10 concurrent connections on Monday through Friday, and on Saturday from midnight to 11:00 p.m. For example, if the number of concurrent connections is exceeded at 11:00 p.m. on Saturday, the users will see the contents of the file /home/ftp/.message_limit_anon_class
.
Syntax for finer control over limiting user connections can be found in the ftpaccess
man page.
This line allows control over how many times a user can enter an invalid password before the FTP server terminates the session:
loginfails <number>
The default for loginfails
is set to 5
. This command prevents users without valid passwords from experimenting until they get it right.
Providing users with information about the server and its use is a good practice for any administrator of a public FTP server. Adequate user information can help prevent user problems and eliminate tech support calls. You also can use this information to inform users of restrictions governing the use of your FTP server. User information gives you an excellent way to document how your FTP server should be used.
You can use the commands detailed in the following sections to display messages to users as they log in to the server and as they perform specific actions. The following commands enable messages to be displayed to users when logging in to the server and when an action is performed.
This command is a reference to a file that is displayed before the user receives a login prompt from the FTP server:
banner <path>
This file generally contains information to identify the server. The path is an absolute pathname relative to the system root (/
), not the base of the anonymous FTP user’s home. The entry might look like this:
banner /etc/rh8ftp.banner
This example uses the file named rh8ftp.banner
under the /etc
directory. The file can contain one or more lines of text, such as
Welcome to Widget, Inc.'s Red Hat Linux FTP server. This server is only for use of authorized users. Third-party developers should use a mirror site.
When an FTP user attempts to log in, the banner is displayed like so:
$ ftp shuttle2
Connected to shuttle2.home.org.
220-Welcome to Widget, Inc.'s Red Hat Linux FTP server.
220-This server is only for use of authorized users.
220-Third-party developers should use a mirror site.
220-
220-
220 shuttle2 FTP server (Version wu-2.6.2-8) ready.
504 AUTH GSSAPI not supported.
504 AUTH KERBEROS_V4 not supported.
KERBEROS_V4 rejected as an authentication type
Name (shuttle2:phudson):
Note that the banner does not replace the greeting text that, by default, displays the hostname and server information, such as
220 shuttle2 FTP server (Version wu-2.6.2-8) ready.
To hide version information, use the greeting
command in ftpaccess
with a keyword, such as terse
, like so:
greeting terse
FTP users will then see a short message like this as part of the login text:
220 FTP server ready.
Also, not all FTP clients can handle multiline responses from the FTP server. The banner <path>
command is how the banner line passes the file contents to the client. If a client cannot interrupt multiline responses, the FTP server is useless to them. You should also edit the default banner to remove identity and version information.
This line specifies a text file to be displayed to the user during login and when the user issues the cd
command:
message <path> {<when> {<class> ...}}
The optional when
clause can be LOGIN
or CWD=(dir)
, where dir
is the name of a directory that is current. The optional class
parameter enables messages to be shown to only a given class or classes of users.
Using messages is a good way to give information about where things are on your site as well as information that is system dependent, such as alternative sites, general policies regarding available data, server availability times, and so on.
You can use magic cookies to breathe life into your displayed messages. Magic cookies are symbolic constants that are replaced by system information. Table 24.1 lists the message
command’s valid magic cookies and their representations.
Table 24.1. Magic Cookies and Their Descriptions
Cookie | Description |
---|---|
| Local time (form |
| Free space in partition of CWD (kilobytes) [Not supported on all systems] |
| Current working directory |
| Maintainer’s email address as defined in |
| Remote hostname |
| Local hostname |
| Username as determined via RFC931 authentication |
| Username given at login time |
| Maximum allowed number of users in this class |
| Current number of users in this class |
| Absolute limit on disk blocks allocated |
| Preferred limit on disk blocks |
| Current block count |
| Maximum number of allocated inodes (+1) |
| Preferred inode limit |
| Current number of allocated inodes |
| Time limit for excessive disk use |
| Time limit for excessive files |
Ratios | |
| Uploaded bytes |
| Downloaded bytes |
| Upload/download ratio (1:n) |
| Credit bytes |
| Time limit (minutes) |
| Elapsed time since login (minutes) |
| Time left |
| Upload limit |
| Download limit |
To understand how this command works, imagine that you want to display a welcome message to everyone who logs in to the FTP server. An entry of
message /home/ftp/welcome.msg login message /welcome.msg login
shows the contents of the welcome.msg
file to all real users who log in to the server. The second entry shows the same message to the anonymous user.
The welcome.msg
file is not created with the installation of the RPM, but you can create it using a text editor. Type the following:
Welcome to the anonymous ftp service on %L! There are %N out of %M users logged in. Current system time is %T Please send email to %E if there are any problems with this service. Your current working directory is %C
Save this file as /var/ftp/welcome.msg
. Verify that it works by connecting to the FTP server:
220 FTP server ready. 504 AUTH GSSAPI not supported. 504 AUTH KERBEROS_V4 not supported. KERBEROS_V4 rejected as an authentication type Name (shuttle:phudson): anonymous 331 Guest login ok, send your complete e-mail address as password. Password: 230-Welcome to the anonymous ftp service on shuttle.home.org! 230- 230-There are 1 out of unlimited users logged in. 230- 230-Current system time is Mon Nov 3 10:57:06 2003 230- 230-Please send email to root@localhost if there are 230-any problems with this service. 230-Your current working directory is /
This line sets the email address for the FTP administrator:
email <name>
This string is printed whenever the %E
magic cookie is specified. This magic cookie is used in the message line or in the shutdown file. You should display this string to users in the login banner message so that they know how to contact you (the administrator) in case of problems with the FTP server.
The readme
line tells the server if a notification should be displayed to the user when a specific file was last modified. Here’s the command:
readme <path> {<when {<class>}}
The path
parameter is any valid path for the user. The optional when
parameter is exactly as seen in the message line. class
can be one or more classes as defined in the class file. The path
is absolute for real users. For the anonymous user, the path
is relative to the anonymous home directory, which is /var/ftp
by default.
Part of system administration involves reviewing log files for what the server is doing, who accessed it, what files were transferred, and other pieces of important information. You can use a number of commands within /etc/ftpacess
to control your FTP server’s logging actions.
This line allows the administrator to redirect where logging information from the FTP server is recorded:
log <syslog>{+<xferlog>}
By default, the information for commands is stored in /var/log/messages
, although the man pages packaged in some RPMs state that this information is written to /var/log/xferlog
. Check your server’s settings for information regarding the location of your file transfer logs.
This line enables logging for all commands issued by the user:
log commands [<typelist>]
typelist
is a comma-separated list of anonymous
, guest
, and real
. If no typelist
is given, commands are logged for all users. Some wu-ftpd
RPMs set the logging of all file transfers to /var/log/xferlog
(see the next section). However, you can add the log
command to ftpaccess
with the commands
keyword to capture user actions. Logging is then turned on and user actions are captured in /var/log/messages
. Here is a sample log file:
Oct 6 12:21:42 shuttle2 ftpd[5229]: USER anonymous Oct 6 12:21:51 shuttle2 ftpd[5229]: PASS [email protected] Oct 6 12:21:51 shuttle2 ftpd[5229]: ANONYMOUS FTP LOGIN FROM 192.168.2.31 [192.168.2.31], [email protected] Oct 6 12:21:51 shuttle2 ftpd[5229]: SYST Oct 6 12:21:54 shuttle2 ftpd[5229]: CWD pub Oct 6 12:21:57 shuttle2 ftpd[5229]: PASV Oct 6 12:21:57 shuttle2 ftpd[5229]: LIST Oct 6 12:21:59 shuttle2 ftpd[5229]: QUIT Oct 6 12:21:59 shuttle2 ftpd[5229]: FTP session closed
The sample log shows the username and password entries for an anonymous login. The CWD
entry shows that a cd
command is used to navigate to the pub
directory. Note that the commands shown do not necessarily reflect the syntax the user typed, but instead list corresponding system calls the FTP server received. For example, the LIST
entry is actually the ls
command.
Two other logging commands are useful in the /etc/ftpaccess
configuration file. This line enables the logging of security violations:
log security [<typelist>]
Violations are logged for anonymous, guest, and real users, as specified in the typelist
—the same as other log
commands. If you do not specify a typelist
, security violations for all users will be logged.
This line writes a log of all files transferred to and from the server:
log transfers [<typelist> [<directions>]]
typelist
is the same as in log commands and log security lines. directions
is a comma-separated list of the keywords inbound
for uploaded files and outbound
for downloaded files. If no directions
list is given, both uploaded and downloaded files will be logged. Inbound and outbound logging is turned on by default.
Controlling user activity is an important component of securing your system’s server. The ftpaccess
file includes a number of commands that enable you to determine what users can and cannot execute during an FTP session. You can use these permission controls to allow users to change file permissions, delete and overwrite files, rename files, and create new files with default permissions. You learn how to use all these ftpaccess
file command lines in the following sections.
By default, all the ftpaccess
file command lines prohibit anonymous users from executing actions and enable authorized users to do so.
The chmod
line determines whether a user has the ability to change a file’s permissions. Here is the command line:
chmod <yes|no> <typelist>
This command acts the same as the standard chmod
command.
The yes|no
parameter designates whether the command can be executed. typelist
is a comma-delimited string of the keywords anonymous
, guest
, and real
. If you do not specify a typelist
string, the command will be applied to all users. An exhaustive description of its purpose and parameters can be found in the man page.
The delete
line determines whether the user can delete files with the rm
command. Here’s the command line:
delete<yes|no> <typelist>
The yes|no
parameter is used to turn this permission on or off, and typelist
is the same as the chmod
command.
This command line of the ftpaccess
file allows or denies users the ability to overwrite an existing file. Here’s the command line:
overwrite <yes|no> <typelist>
The FTP client determines whether users can overwrite files on their own local machines; this line specifically controls overwrite permissions for uploads to the server. The yes|no
parameter toggles the permission on or off, and typelist
is the same as in the chmod
line.
You can enable or prevent a user from renaming files using this command line:
rename <yes|no> <typelist>
The yes|no
parameter toggles the permission on or off, and typelist
is the same comma-delimited string as in chmod
.
This line determines whether the user is able to use the compress
command on files:
compress <yes|no> [<classglob>]
The yes|no
parameter toggles the permission on or off, and classglob
is a regular expression string that specifies one or more defined classes of users. The conversions that result from the use of this command are specified in the ftpconversions
file, which contains directions on what compression or extraction command is to be used on a file with a specific extension, such as .Z
for the compress
command, .gz
for the gunzip
command, and so on. See the section “Configure FTP Server File-Conversion Actions” later in this chapter.
This line determines whether the user is able to use the tar
(tape archive) command on files:
tar <yes|no> [<classglob> ...]
The yes|no
parameter toggles the permission on or off, and classglob
is a regular expression string that specifies one or more defined classes of users. Again, the conversions that result from the use of this command are specified in the ftpconversions
file.
This line is a bit different from the other commands in the permission control section. The umask
command determines with what permissions a user can create new files; here it is.
umask <yes|no> <typelist>
The yes|no
parameter toggles based on whether a user is allowed to create a file with his default permissions when uploading a file. Like the overwrite
command you read about earlier in this section, this command line is specific to uploaded files because the client machine determines how new files are created from a download.
This alias
command allows the administrator to provide another name for a directory other than its standard name:
alias <string> <dir>
The alias
line applies to only the cd
command. This line is particularly useful if a popular directory is buried deep within the anonymous FTP user’s directory tree. The following is a sample entry:
alias linux-386 /pub/redhat/7.3/en/i386/
This line would allow the user to type cd linux-386
and be automatically taken to the /pub/redhat/7.3/en/i386
directory.
The cdpath <dir>
line specifies the order in which the cd
command looks for a given user-entered string. The search is performed in the order in which the cdpath
lines are entered in the ftpacess
file.
For example, if the following cdpath
entries are in the ftpaccess
file,
cdpath /pub/redhat/ cdpath /pub/linux/
and the user types cd i386
, the server searches for an entry in any defined aliases first in the /pub/redhat
directory and then in the /pub/linux
directory. If a large number of aliases are defined, it is recommended that symbolic links to the directories be created instead of aliases. Doing so reduces the amount of work on the FTP server and decreases the wait time for the user.
The shutdown
command tells the server where to look for the shutdown
message generated by the ftpshut
command or by the user. The shutdown
command is used with a pathname to a shutdown file, such as
shudown /etc/rh8ftpshutdown
If this file exists, the server checks the file to see when the server should shut down. The syntax of this file is as follows:
<year> <month> <day> <hour> <minute> <deny_offset> <disc_offset> <text>
year
can be any year after 1970 (called the epoch), month
is from 0–11, hour
is 0–23, and minute
is 0–59. deny_offset
is the number of minutes before shutdown in which the server disallows new connections. disc_offset
is the number of minutes before connected users are disconnected, and text
is the message displayed to the users at login. In addition to the valid magic cookies defined in the messages section, those listed in Table 24.2 are also available.
The FTP server can convert files during transfer to compress and uncompress files automatically. Suppose that the user is transferring a file to his Microsoft Windows machine that was TARed and GZIPed on a Linux machine. If the user does not have an archive utility installed to uncompress these files, he cannot access or use the files.
As the FTP server administrator, you can configure the FTP server to automatically unarchive these files before download if the site supports users who do not have unarchive capabilities. Additionally, you can configure an upload area for the users, and then configure the FTP server to automatically compress any files transferred to the server.
The structure of the format of the ftpconversions
file is
1:2:3:4:5:6:7:8
where 1
is the strip prefix, 2
is the strip postfix, 3
is the add-on prefix, 4
is the add-on postfix, 5
is the external command, 6
is the types, 7
is the options, and 8
is the description.
The strip prefix is one or more characters at the beginning of a filename that should be automatically removed by the server when the file is requested. By specifying a given prefix to strip in a conversions rule, such as devel
, the user can request the file devel_procman.tar.gz
by the command get procman.tar.gz
, and the FTP server performs any other rules that apply to that file and retrieve it from the server. Although this feature is documented, as of version 2.6.2, it has yet to be implemented.
The strip postfix works much the same as the strip prefix, except that one or more characters are taken from the end of the filename. This feature is typically used to strip the .gz
extension from a file that has been TARed and GZIPed when the server performs automatic decompression before sending the file to the client.
The add-on prefix conversion instructs the server to insert one or more characters to a filename before it is transferred to the server or client. For example, assume that a user requests the file procman.tar.gz
. The server has a conversion rule to add a prefix of gnome
to all .tar.gz
files; therefore the server would append this string to the file before sending it to the client. The user would receive a file called gnome_procman.tar.gz
. Keywords such as uppercase
and lowercase
can be used in this function to change the case of the filename for those operating systems in which case makes a difference. As with the strip prefix conversion, this feature is not yet implemented in version 2.6.2.
An add-on postfix instructs the server to append one or more characters to the end of a filename during the transfer or reception of a file. A server can contain TARed packages of applications that are uncompressed. If an add-on postfix conversion is configured on the server, the server could compress the file, append a .gz
extension after the file was compressed, and then send that file to the client. The server could also perform the same action for uncompressed files sent to the server. This would have the effect of conserving disk space on the server.
The external command entries in the ftpconversions
file contain the bulk of the FTP server conversion rules. The external command entry tells the server what should be done with a file after it is transferred to the server. The specified conversion utility can be any command on the server, although generally it is a compression utility. As the file is sent, the server passes the file through the external command. If the file is being uploaded to the server, the command needs to send the result to standard in, whereas a download sends the result to standard out. For example, here is an entry specifying the tar
command:
: : :.tar:/bin/tar -c -f - %s:T_REG|T_DIR:O_TAR:TAR
The following sections describe the fields in a conversion entry.
You must use the types field of the ftpconversions
file to tell the server what types of files the conversion rules apply to. Separate the file type entries with the (|
) character, and give each type
a value of T_REG
, T_ASCII
, and T_DIR
.
T_REG
signifies a regular file, T_ASCII
an ASCII file, and T_DIR
a directory. A typical entry is T_REG | T_ASCII
, which signifies a regular ASCII file.
The options field informs the server what action is being done to the file. Similar to the types field, options are separated by the (|
) character. Here are the valid ranges you can assign to items in the options field:
O_COMPRESS
to compress the file
O_UNCOMPRESS
to uncompress the file
O_TAR
to tar the file
An example of this field is O_COMPRESS | O_TAR
, where files are both compressed and TARed.
The description field allows an administrator to quickly understand what the rule is doing. This field does not have any syntax restriction, although it is usually a one-word entry—such as TAR
, TAR+COMPRESS
, or UNCOMPRESS
—which is enough to get the concept across.
Crafting complex conversion entries is a task perhaps best left to the Linux/UNIX expert, but the sample ftpconversions
file included with wu-ftpd
provides more than enough examples for the average Red Hat administrator. Building your own simple conversion entry is not really too difficult, so let’s examine and decode an example:
:.Z: : :/bin/compress -d -c %s:T_REG|T_ASCII:O_UNCOMPRESS:UNCOMPRESS
In this example, the strip prefix (field 1) is null
because it is not yet implemented, so this rule does not apply to prefixes. The second field of this rule contains the .Z
postfix; therefore it deals with files that have been compressed with the compress
utility. The rule does not address the add-on prefix or postfix, so fields 3 and 4 are null
. Field 5, the external command field, tells the server to run the compress
utility to decompress all files that have the .Z
extension, as the -d
parameter signifies. The -c
options tells compress
to write its output to standard out, which is the server in this case. The %s
is the name of the file that the rule was applied against. Field 6 specifies that this file is a regular file in ASCII format. Field 7, the options field, tells the server that this command uncompresses the file. Finally, the last field is a comment that gives the administrator a quick decode of what the conversion rule is doing; that is, uncompressing the file.
The purpose of the ftphosts
file is to allow or deny specific users or addresses from connecting to the FTP server. The format of the file is the word allow
or deny
, optionally followed by a username, followed by an IP or a DNS address.
allow username address deny username address
Listing 24.4 shows a sample configuration of this file.
Example 24.4. ftphosts
Configuration File for Allowing or Denying Users
# Example host access file # # Everything after a '#' is treated as comment, # empty lines are ignored allow tdc 128.0.0.1 allow tdc 192.168.101.* allow tdc insanepenguin.net allow tdc *.exodous.net deny anonymous 201.* deny anonymous *.pilot.net
The *
is a wildcard that matches any combination of that address. For example, allow tdc *.exodous.net
allows the user tdc
to log in to the FTP server from any address that contains the domain name exodous.net. Similarly, the anonymous user is not allowed to access the FTP if he is coming from a 201 public class C IP address.
Changes made to your system’s FTP server configuration files become active only after you restart xinetd
because configuration files are parsed only at startup. To restart xinetd
as root, issue the command /etc/rc.d/init.d/xinetd restart
. This makes a call to the same shell script that is called at system startup and shutdown for any runlevel to start or stop the xinet
daemon. xinetd
should report its status as
# /etc/rc.d/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
When the FTP server restarts, it is accessible to all incoming requests.
wu-ftp
provides a few commands to aid in server administration. Those commands are
ftpwho
—. Displays information about current FTP server users
ftpcount
—. Displays information about current server users by class
ftpshut
—. Provides automated server shutdown and user notification
ftprestart
—. Provides automated server restart and shutdown message removal
Each of these commands must be executed with superuser privileges because they reference the ftpaccess
configuration file to obtain information about the FTP server.
The ftpwho
command provides information about the users currently connected to the FTP server. Here’s the command line:
/usr/bin/ftpwho
Table 24.3 shows the format of the output ftpwho
displays.
Table 24.3. ftpwho
Fields
Name | Description |
---|---|
Process ID | The process ID of the FTP server process. |
TTY | The terminal ID of the process. This is always a question mark ( |
Status | The status of the FTP process. The values are
|
Time | The elapsed processor time the process has used in minutes and seconds. |
Details | Tells what host the process is connecting from, the user who connected, and the currently executing command that is executing. |
Listing 24.5 shows typical output from this command. It lists the process ID for the ftp
daemon handling requests, the class that the particular user belongs to, the total time connected, what username the user is connected as, and the status of his session.
In addition to the information given about each connected user, ftpwho
also displays the total number of users connected out of any maximum that has been set in the ftpaccess
file. This information can be used to monitor the use of your FTP server.
You can pass one parameter to ftpwho
. (You can find the parameter by using the ftpwho--help
command.) The single parameter you can pass to ftpwho
is -v
. This parameter prints out version and licensing information for wu-ftp
, as shown here:
# ftpwho Service class all: 10447 ? SN 0:00 ftpd: localhost: anonymous/[email protected]: IDLE 1 users (no maximum)
The output of ftpwho
, using the -V
option, which shows version information, is shown in Listing 24.5.
Example 24.5. ftpwho -V
Command Output
Copyright © 1999,2000,2001 WU-FTPD Development Group. All rights reserved. Portions Copyright © 1980, 1985, 1988, 1989, 1990, 1991, 1993, 1994 The Regents of the University of California. Portions Copyright © 1993, 1994 Washington University in Saint Louis. Portions Copyright © 1996, 1998 Berkeley Software Design, Inc. Portions Copyright © 1989 Massachusetts Institute of Technology. Portions Copyright © 1998 Sendmail, Inc. Portions Copyright © 1983, 1995, 1996, 1997 Eric P. Allman. Portions Copyright © 1997 by Stan Barber. Portions Copyright © 1997 by Kent Landfield. Portions Copyright © 1991, 1992, 1993, 1994, 1995, 1996, 1997 Free Software Foundation, Inc. Use and distribution of this software and its source code are governed by the terms and conditions of the WU-FTPD Software License ("LICENSE"). If you did not receive a copy of the license, it may be obtained online at http://www.wu-ftpd.org/license.html. Version wu-2.6.2-8
/usr/bin/ftpcount
counts the number of connected users to the FTP server and the maximum number of users allowed. This same information is found at the end of the output for the ftpwho
command. This command only takes one parameter, -V
, which displays the same output as the previous ftpwho
example.
# ftpcount
Service class all - 4 users (no maximum)
As with any public server administration, it is always good practice to let users of the FTP server know about upcoming outages, when the server will be updated, and other relevant site information. The ftpshut
command allows the administrator to let the FTP server do much of this automatically.
The ftpshut
command allows the administrator to take down the FTP server at a specific time based on some parameters passed to it. The format of the command is as follows and is documented in the ftpshut
man page:
ftpshut [ -V ] [ -l min] [ -d min] time [ warning-message ... ]
The -V
parameter displays the version information of the command. The time
parameter is the time when the ftpshut
command will stop the FTP servers. This parameter takes either a +
number for the number of minutes from the current time, or a specific hour and minute in 24-hour clock format with the syntax of HH:MM
.
The -l
parameter allows the FTP server administrator to specify how long, in minutes, before shutdown the server disallows new connections. The default is 10 minutes. If the time given to shut down the servers is less than 10 minutes, new connections are disallowed immediately.
The -d
parameter is similar to the -l
parameter, but controls when the FTP server terminates the current connections. By default, this occurs five minutes before the server shuts down. If the shutdown time is less than five minutes, the server terminates the current connections immediately.
When you execute this command, the FTP server creates a file containing the shutdown information in the location specified under the shutdown section in the ftpaccess
file.
The default configuration for this file is /etc/shutmsg
. If you execute the ftpshut
command with warning messages, the messages are displayed when the user logs in to the server.
Name (pheniox:tdc): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230-system doing down at Mon Sep 3 06:23:00 2001
230-0 users of unlimited on pheniox.
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
Here is a sample ftpshut
command:
ftpshut -l 5 -d 5 +10 "system going down at %s %N users of %M on %R"
This command tells the FTP server to disconnect new connections in 5 minutes, drop all current connections in 5 minutes, shut down the server in 10 minutes, and display a warning message to the users at login. The message can be a mixture of text and the magic cookies defined in Table 24.4. It is important to keep in mind that the message can be a maximum of 75 characters in length. Additionally, it is not important to know how many characters the magic cookies take because the system knows this information and truncates the message at 75 characters.
Table 24.4. Magic Cookies for the ftpshut
Command
Cookie | Description |
---|---|
| Time the system will be shut down |
| Time new connections will be denied |
| Time current connections will be dropped |
| Current working directory |
| Server administrator’s email address as specified in the |
| Available free space in the current working directories partition, in kilobytes |
| Local host time |
| Maximum number of allowed connections in this user class |
| Current number of connections for this user class |
| Remote hostname |
| Local time, in the form of |
| Username given at login |
When ftpshut
is issued to the system, it creates a file that stores the necessary information. The ftprestart
command removes this file for all servers, either canceling the impending shutdown or removing the shutdown file and restarting the FTP server. The ftprestart
has only one optional argument, -V
, to show version information.
The xferlog
file gives a log of what transactions have occurred with the FTP server. Depending on the settings in the /etc/ftpaccess
file, the contents of this file can contain the files sent or received, by who, with a date stamp. Table 24.5 lists the fields of this file. The same information can also be found in the corresponding man page included in the wu-ftp
RPM.
Table 24.5. /var/log/xferlog
Fields
Field | Description |
---|---|
| Current local time in the form of DDD MMM dd hh:mm:ss YYYY, where DDD is the day of the week, MMM is the month, dd is the day of the month, hh is the hour, mm is the minutes, ss is the seconds, and YYYY is the year. |
| Total time in seconds for the transfer. |
| Remote hostname. |
| Size of the transferred file in bytes. |
| Name of the file. |
| A single character indicating the transfer type. The types are
|
| One or more character flags indicating any special action taken by the server. The values are
|
| Indicates whether the file was sent from or received by the server. |
| The way in which the user logged in to the server. The values are
|
| If logged in as a real user, the username. If the access mode was |
| The name of the service used, usually FTP. |
| Type of authentication used. The values are
|
| This is the user ID returned to the server based on the authentication method used to access the server. An |
| A single-character field indicating the status of the transfer. The values are
|
An example of this file is seen in Listing 24.6.
Example 24.6. Sample /var/log/xferlog
File with Inbound and Outbound Logging
Mon Sep 3 07:13:05 2001 1 localhost.localdomain 100 /var/ftp/pub/README b o a [email protected] ftp 0 * c Mon Sep 3 02:35:35 2001 1 helios 8 /var/ftp/pub/configuration a _ o a [email protected] ftp 0 * c Mon Sep 3 02:35:35 2001 1 helios 8 /var/ftp/pub/temp.txt a o a [email protected] ftp 0 * c Mon Sep 3 02:35:35 2001 1 helios 8 /var/ftp/pub/tftp-server- 0.17-14.i386.rpm a o a [email protected] ftp 0 * c Mon Sep 3 02:35:35 2001 1 helios 8 /var/ftp/pub/wu-ftpd-2.6.1- 22.i386.rpm a o a [email protected] ftp 0 * c
http://www.wu-ftpd.org/—wu-ftp
official website.
http://www.cert.org/—Computer emergency response team.
http://www.openssh.com/—OpenSSH home page and source for the latest version of OpenSSH and its component clients, such as sftp.
http://www.cert.org/tech_tips/anonymous_ftp_config.html—CERT anonymous FTP configuration guidelines.
http://vsftpd.beasts.org/—Home page for the vsftd
ftp://vsftpd.beasts.org/users/cevans/—Download site for the latest releases of the vsftpd
server.
3.21.246.223