Linux-Noob Forums

Full Version: my ftp server
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Since I'm playing with ftp now and installed vsftp service and got it working. I'll just post my experiences with it here. I heard pure-ftpd is also a good one and I also came across proFTPd. May have to have a look at the other two as well. Just to see and feel the differences. I have it setup using ssl so my data is encrypted :)
I took a look at all three and as in config files. I like pure-ftpd the best as in how it's setup, so going to be playing around with it.

Pure FTPd is the only service that offered me a number of features I wanted from an FTP server, and their documentation highlighted a number off security issues I hadn't considered with FTP software. I stuck to it, and it's worked pretty well so far.

 

The only real issue I had with PureFTPd is the config under ubuntu - rather than have a set of options in one configuration file, there are a series of files named after the configuration option, each containing the option value. In the traditional method, many other options can be specified and commented out in the file. Under Ubuntu/Debian, if the option wasn't set then the file didn't exist - completely illogical and frustrating when no proper documentation existed under Ubuntu. Luckily I had several RH/CentOS/Fedora installs so I could reference their config files and try filenames that way.


Quote:I think I actually overlooked something so don't have it setup fully on ssl. I use https://feedmebits.nl to connect to and I use sftp/ssh in my ftp client to connect. But wouldn't I need a seperate certificate? ah I think not right? cuz I remember dave saying, ssl is setup on ip. so if I have https://feedmebits.nl setup as ssl that would also go for my ftp? right?
 

If you're connecting via SFTP/SSH in your client, you're not connecting via FTP.

 

SFTP and FTP are completely unrelated -- SFTP runs atop SSH, so is using your SSH credentials and the existing SSH security (since you probably already logged in at least once, your SSH client has cached your server's 'host key', so that is how it knows you are talking to the right machine). It's not using the FTP protocol at all.

 

FTPS is FTP with TLS/SSL support added in, which is actually using the FTP protocol. Confusingly, there's also the option to tunnel FTP traffic over an SSH connection, which is different again from the previous two methods.

ah ok. learned something new again:) That I need to make some changes. Still trying to decided which I like better pure-ftpd or vsftpd.
I decided to use vsftpd again and have ssl activated now. but not able to connect with my client. Getting an error. going to look into it and report once I figure it out.

As Hybrid mentioned:
  • SFTP/SCP/SSH run over the SSH port (generally 22).


  • FTP/FTPS run over FTP port (generally 20 and 21)




FTP servers often have an option to fall back from FTPS to ordinary FTP if TLS isn't established, meaning some people think their client is establishing an encrypted link when it isn't.

 

In terms of clients, I've used "lftp" as a command-line FTP client that does quite a mixture of protocols, which is good for my testing.


I got my problem figured out. The problem was that my firewall was in the way. I shut my firewall off and was able to connect. I then turned my firewall backup and let ftp through(via system-config-firewall-tui).

Then I restarted iptables. I reconnected with my ftp client and I was able to connect. Strange thing is as soon as I close my ftp client en try to connect again I get the error again:

 

GnuTLS error -53: Error in the push function. Seems to be a firewall problem from what I can find on it

 

seems like it's not entering passive mode like mentioned here

 

also when I open ftp port via tui a module loads when restarting iptables. So I would think that should be fine.

nf_conntrack_ftp


I found the answer to my problem in these two posts, works now :)

 

http://www.linuxques...rd-port-891483/

http://www.wowtutori...utorial/26.html

 

Going to look at virtual users next via MySQL

When you're done, fancy writing a guide on it?
Pages: 1 2