File Transfer Protocol (FTP)

The File Transfer Protocol (FTP) is a widely used protocol that enables a user to transfer files between two computers on a TCP/IP network. A file transfer application (typically also called ftp) uses the FTP protocol to transfer files. The user runs an FTP client application on one computer, and the other computer runs an FTP server program such as ftpd (FTP daemon) on a Unix/Linux computer, or an FTP service on other platforms. Many FTP client programs are command-line based, but graphical versions are available as well. FTP is used primarily to transfer files, although it can perform other functions such as creating directories, removing directories, and listing files.

FTP uses the TCP protocol and, therefore, operates through a reliable, connection-oriented session between the client and server computers. The standard FTP daemon (on the server) listens on TCP port 21 for a request from a client. When a client sends a request, a TCP connection is initiated (see Hour 6). The remote user is then authenticated by the FTP server, and a session begins. A classic text-based FTP session requires the remote user to interact with the server through a command-line interface. Typical commands start and stop the FTP session, navigate through the remote directory structure, and upload or download files. Newer GUI-based FTP clients offer a graphic interface (rather than a command interface) for navigating directories and moving files.

On most computers, you start a text-based FTP session by entering ftp followed by the hostname or IP address of the FTP server. FTP then prompts you for a user ID and a password, which are used by the FTP server to validate you as an authorized user and determine your rights. For example, the user account you log on with might be assigned read-only access, or it might be configured for both read and write operations. Many FTP servers are available for public use and allow you to log on with a user ID called anonymous. When the anonymous account is used as the user ID, you can enter virtually any password. However, it is customary to enter your email account name as the password. When FTP servers are not intended for general public use, the servers are configured to not allow anonymous access. In that case, you must enter a user ID and password to gain access. The user ID and password are typically set up and provided by the FTP server administrator.

Many FTP client implementations allow you to enter either Unix-based commands or DOS-based commands. The actual commands available depend on the client software being used. When you transfer files using FTP, you must specify to FTP the type of file that you are about to transfer; the most common choices are binary and ASCII. Choose ASCII when the type of file you want to transfer is a simple text file. Choose binary when the type of file you want to transfer is either a program file, a word processing document, or a graphics file. The default file transfer mode is ASCII.

Be aware that many FTP servers reside on Unix and Linux computers. Because Unix and Linux are case-sensitive—that is, they distinguish between uppercase and lowercase letters—you must match the case exactly when entering filenames. The current directory on the local computer from which you start an FTP session is the default location where files are transferred to or from.

The following is a list of commonly used FTP commands and explanations of the commands.

• ftp— The ftp command is used to start the FTP client program. You can enter ftp by itself, or you can follow it with an IP address or domain name. In Figure 14.8, an FTP session to rs.internic.net was started by typing ftp rs.internic.net. As you can see, a lot of information was returned.

  Figure 14.8. Starting an FTP session.

  

  The first line tells you that you are connected. All of the lines between and including those preceded by 220 are a customized logon message presented to all users. The next line asks for a user ID; here it is entered as anonymous. The line preceded by 331 is a customized system message requesting your email address as a password. A number always precedes a system message. As you can see by the final line, the password is not displayed when typed.

• user— The user command is used to change the user ID and password information of the current session. You will be prompted to enter a new user ID and password, exactly as when you use the ftp command. This command is effectively the same as quitting FTP and starting again as a new user.

• help— The help command displays the ftp commands that are available on your FTP client (Figure 14.9).

  Figure 14.9. Type help at the FTP prompt for a list of FTP commands.

  

• ls or dir— The Unix/Linux ls or ls -l command or the Windows dir command lists the contents of a directory. The response from these commands lists the filenames and directory names contained within the current working directory on the FTP server. Between the two system messages (the lines preceded by 150 and 226) is the actual directory listing, which contains all of the files and subdirectories within the current working directory. The ls -l command is similar to the ls command but lists additional details such as read and write permissions and file creation dates.

• pwd— The pwd command prints the name of the current working directory. This is the directory on the remote server, not the directory on your local computer.

• cd— The cd command changes the current working directory on the FTP server.

• mkdir— The Unix/Linux mkdir command creates a directory on the FTP server inside the current working directory. This command is typically not allowable during an anonymous FTP session.

• rmdir— The Unix rmdir command removes a directory on the FTP server from the current working directory. This command is typically not allowable during an anonymous FTP session.

• binary— The binary command switches the FTP client to binary transfer mode from the default ASCII transfer mode. Binary mode is useful when transferring binary files, such as programs and graphics, using the get, put, mget, and mput commands.

• ascii— The ascii command switches the FTP client to ASCII transfer mode from binary mode.

• type— The type command displays the current mode (ASCII or binary) for file transfer.

• status— The status command displays information about the various settings on the FTP client. Such settings include the mode (binary or ASCII) the client is set to and whether the client is set to display verbose system messages.

• get— The get command retrieves a file from an FTP server to an FTP client. Using the get command followed by a single filename will copy that file from the FTP server to the working directory on the FTP client. If the get command is followed by two filenames, the second name is used to designate the name of the new file created on the client. If you omit the second filename, FTP will usually prompt you for it.

• mget— The mget command is similar to the get command except that it lets you retrieve multiple files.

• put— The put command transfers a file from the FTP client to the FTP server. Using the put command followed by a single filename will copy the file from the FTP client to the FTP server. If the put command is followed by two filenames, the second name designates the name of the new file created on the server. If you omit the second filename, FTP will usually prompt you for it.

• mput— The mput command is similar to the put command, except that it enables you to transfer multiple files with one command.

• open— The open command allows you to establish a new session with an FTP server. This is essentially a shortcut to quitting FTP and starting it again. The open command can be used to open a session with an entirely different FTP server or to reopen a session with the current server.

• close— The close command ends the current session with an FTP server. The FTP client program remains open, and you can start a new session with the server by using the open command.

• bye or quit— These commands close the current FTP session and terminate the FTP client.

Although the preceding list does not cover every FTP command, it gives you an idea of those used most often during an FTP session.

Most modern computer systems include support for FTP at the command line; however, a new generation of GUI-based FTP clients eliminates the need for command-line input. Users who access FTP frequently often opt for a graphical client that displays and manages file resources much like an ordinary file browser.

FTP is a relatively ancient protocol that evolved before the recent emphasis on secure networking. Later updates to the specification, such as RFC 2228 “FTP Security Extensions,” have added important protections, such as more secure authentication, but FTP is still considered insecure.

Despite these security concerns, FTP remains quite popular. The FTP protocol provides a convenient mechanism for uploading and downloading ordinary documents and files too big to circulate through email. One advantage of uploading a document through FTP rather than emailing it is that you can use FTP commands to check for the presence of the file on the server and, therefore, verify that the file has reached its destination.

For those who need something more secure than garden-variety FTP, another program called Secure File Transfer Protocol (SFTP) provides FTP-like features over an encrypted network connection. SFTP is FTP over the encrypted SSH transport protocol. (See Hour 15, “Monitoring and Remote Access,” and Hour 23, “TCP/IP Security,” for more on SSH and other encryption techniques.)

SFTP is gradually replacing FTP for situations that require enhanced security; however, the long tradition of FTP access—including anonymous FTP access, which doesn’t require any security at all—ensures that FTP will continue to play an important role in Internet communication.