Published by Amberly Norman. Modified over 9 years ago.
1
Chapter 19 FTP: Transferring Files Across a Network
FTP Client
JumpStart: Downloading Files Using ftp
Notes
Anonymous FTP
Automatic Login
Binary versus ASCII Transfer Mode
ftp Specifics
FTP Server (vsftpd)
JumpStart: Starting a vsftpd Server
Testing the Setup
vsftpd.conf: Configuring vsftpd
Dumb versus terminal emulation Palette computers Wyse terminals blue screen terminals dial-in telnet Passwords selection - currently ssn Commands date Fri Aug 29 10:00:12 MST 1997 who resparza tty12 Aug29 10:00 johnson johnson: not found cal finger
CIS238/DL
2
Introduction
ftp has been around as one of the original TCP/IP protocols
ftp and vsftpd – this chapter will focus more on vsftpd since it is provided with Fedora
Security – vsftpd is secure, ftp is not
Connections – passive is a client-initiated connection; active is when the server initiates the connection
3
FTP Client
ftp – command line, Linux or Windows
sftp – secure ftp, part of OpenSSH
gftp – graphical ftp, supports ftp, SSH, and HTTP
ncftp – Fedora text-based utility with more features than standard ftp
4
Standard ftp screen
5
gFTP
6
NcFTP
7
JumpStart: Downloading Files Using ftp
Basic commands:
    ftp ftp.server.net
    ftp> open ftp.server.net
    ftp> user
    ftp> get (mget)
    ftp> put (mput)
    ftp> prompt
    ftp> hash
    ftp> ascii or binary
    ftp> cd and lcd
    ftp> quit or bye
8
Anonymous FTP
Can use user id of either anonymous or ftp (some systems)
Enter address as password if necessary, see automatic login below
ftp server can use reverse DNS to verify
9
Automatic Login
Place ~/.netrc file in your home directory to allow automatic login:
    $ cat .netrc
    machine bravo login jimbo password xyz123
Make readable only by owner!
Can be defeated in the ftp server config file
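A check for the "readable only by owner" rule above, as an added example that is not part of the original slides: it fails when group or others have any access to the file and lists the machines whose passwords sit in it in clear text. The function names `netrc_password_hosts` and `check_netrc` are hypothetical, and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: audit a .netrc for the two risks named on the slide.
# netrc_password_hosts and check_netrc are hypothetical helper names.
# Assumes GNU stat (Linux) for the numeric mode.

# Print each machine whose entry stores a password. Tokens may be split
# across lines, so flatten the file to one token per line first.
netrc_password_hosts() {
    tr -s ' \t' '\n\n' < "$1" | awk '
        prev == "machine" { host = $0 }
        $0 == "default" && prev !~ /^(machine|login|password|account)$/ { host = $0 }
        prev == "password" && host != "" && !seen[host]++ { print host }
        { prev = $0 }'
}

# Return 0 only when neither group nor others have any access bit set.
check_netrc() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f"; return 2; }
    mode=$(stat -c '%a' "$f")
    rc=0
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $f has mode $mode; fix with: chmod 600 $f"
        rc=1
    fi
    for h in $(netrc_password_hosts "$f"); do
        echo "NOTE: clear-text password stored for machine $h"
    done
    return $rc
}

# Constructed sample using the slide's entry, left world-readable.
sample=$(mktemp)
printf 'machine bravo login jimbo password xyz123\n' > "$sample"
chmod 644 "$sample"
check_netrc "$sample" || echo "permissions need fixing"
rm -f "$sample"
```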
10
Binary versus ASCII Transfer Mode
Binary mode (default for some systems) provides a byte-by-byte exact transfer
ASCII (ascii) mode converts end-of-line characters between Windows and Unix systems
Can also use dos2unix or unix2dos
Security – always use binary mode
11
ftp Specifics
Format – ftp [-options] server
Options:
    -i interactive
    -g globbing, file name expansion with wild cards
    -v verbose
    -n no automatic login with .netrc
12
ftp commands
Shell command = !command (!ls)
Transfer files:
    append local remote
    get remote-file [new local file name]
    mget remote-file-list [wild cards allowed]
    put local-file [new remote file name]
    mput remote-file-list [wild cards allowed]
    newer remote-file [new local file name]
    reget remote-file [new local file name]
13
status
ascii – sets transfer mode to ASCII
binary – sets transfer mode to binary
close – quits ftp server without leaving ftp
open [server name] – opens new ftp connection
hash – shows hash marks (#) during transfers
prompt – toggles prompts for transfers
passive – toggles between passive and active
user – sign in as different user
quit or bye – exits ftp site and closes ftp
14
Directories
cd – changes directories on ftp server/site
lcd – changes local directories on your machine
Do not use ftp> ! cd newdirectory
Remember that the environment does not change in a spawned process!
15
Files
chmod – to change permissions on files
delete – to delete remote file(s) if allowed
mdelete remote-file-list
16
Display Information
dir – like ls but has file option:
    dir [remote-dir] file (file saved on your local system with contents of the remote directory listing)
ls – same as dir but with more information
help – shows commands
pwd – print working remote directory
status – status information
verbose – to see all that is happening
17
FTP Server (vsftpd)
The vsftpd package is installed by default on Red Hat systems
Modes:
    Standalone – set listen parameter to "yes" in vsftpd.conf file
    Normal – use xinetd superserver to start and stop, set to normal by default
18
JumpStart: Starting a vsftpd Server
Make sure service is running:
    # /sbin/service vsftpd status
    vsftpd (pid 3022) is running . . .
Check permissions in /var/ftp directory
    # ls -ld /var/ftp
    drwxr-xr-x 4 root root 4096 Aug 12 /var/ftp
19
vsftpd connection from localhost
20
vsftpd connection from remote host
21
vsftpd.conf: Configuring vsftpd
Standalone – listen=yes
listen_port (default 21)
listen_address – defaults to any network interface
max_clients – set to 0 for unlimited
max_per_ip – set to 0 for any IP address allowed
22
Logging in
userlist_enable – yes further checks userlist_deny; no does not check the list; more secure is no
userlist_deny – list of users denied access
userlist_file – name of user list file
local_enable – allows users in /etc/passwd file to log onto system
23
Anonymous Users
anonymous_enable – yes allows anonymous
no_anon_password – yes won't ask for password
deny_email_enable – yes checks if password user is denied access to system
banned_email_file – list of denied users by address
24
Working Directories and chroot jail
chroot_list_enable – sets user in jail either in their home directory or in /var/ftp
chroot_local_user – if set to no, local user can move around directory structure
chroot_list_file – name of the file if chroot_list_file is set to yes
passwd_chroot_enable – allows local user to cd to home directory (/home/./jones)
secure_chroot_dir – empty directory that is not writeable by user ftp, a secure chroot jail
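An audit of the login, anonymous-user and chroot settings covered on the preceding vsftpd.conf slides, as an added example that is not part of the original slides or of vsftpd itself. The helper names (`conf_get`, `is_on`, `warn`, `audit_vsftpd`) are hypothetical, and the defaults it falls back on are taken from the vsftpd.conf man page as an assumption to confirm for the installed version.

```shell
#!/bin/sh
# Added example: flag vsftpd.conf settings discussed on the slides.
# conf_get, is_on, warn and audit_vsftpd are hypothetical helper names.
# Defaults passed in follow the vsftpd.conf man page (an assumption).

# Effective value of KEY in FILE (last assignment wins), upper-cased, or
# DEFAULT when the file never sets it. "#" comment lines never match.
conf_get() {
    v=$(awk -F= -v k="$2" '$1 == k { sub(/^[^=]*=/, ""); val = $0 }
                           END { print val }' "$1" | tr 'a-z' 'A-Z')
    echo "${v:-$3}"
}

is_on() {
    case "$(conf_get "$1" "$2" "$3")" in YES|TRUE|1) return 0 ;; esac
    return 1
}

warn() { echo "WARN: $*"; findings=$((findings + 1)); }

audit_vsftpd() {
    f=$1; findings=0
    if is_on "$f" anonymous_enable YES; then
        warn "anonymous_enable=YES: anonymous logins are accepted"
        if is_on "$f" no_anon_password NO; then
            warn "no_anon_password=YES: anonymous login skips the password prompt"
        fi
    fi
    if is_on "$f" userlist_enable NO && is_on "$f" userlist_deny YES; then
        warn "userlist_deny=YES: userlist_file is a deny list, not an allow list"
    fi
    if is_on "$f" local_enable NO && ! is_on "$f" chroot_local_user NO; then
        warn "chroot_local_user=NO: local users are not confined to their home"
    fi
    for k in max_clients max_per_ip; do
        if [ "$(conf_get "$f" "$k" unset)" = 0 ]; then
            warn "$k=0: no connection limit"
        fi
    done
    echo "$findings finding(s) in $f"
    [ "$findings" -eq 0 ]
}

# Constructed sample (not a real server's file): five findings expected.
sample=$(mktemp)
printf '%s\n' listen=YES anonymous_enable=YES no_anon_password=YES \
    local_enable=YES userlist_enable=YES max_per_ip=0 > "$sample"
audit_vsftpd "$sample" || true
rm -f "$sample"
```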
25
Messages
dirmessage_enable – yes displays .message
banner_file – file that is displayed at login, overrides ftpd_banner
ftpd_banner – overrides the standard vsftpd greeting banner at connection time
And speaking of banners:
26
Any Questions?