Jump to content

my ftp server


Recommended Posts

Since I'm playing with ftp now and installed vsftp service and got it working. I'll just post my experiences with it here. I heard pure-ftpd is also a good one and I also came across proFTPd. May have to have a look at the other two as well. Just to see and feel the differences. I have it setup using ssl so my data is encrypted :)

Link to post
Share on other sites

Pure FTPd is the only service that offered me a number of features I wanted from an FTP server, and their documentation highlighted a number off security issues I hadn't considered with FTP software. I stuck to it, and it's worked pretty well so far.

 

The only real issue I had with PureFTPd is the config under ubuntu - rather than have a set of options in one configuration file, there are a series of files named after the configuration option, each containing the option value. In the traditional method, many other options can be specified and commented out in the file. Under Ubuntu/Debian, if the option wasn't set then the file didn't exist - completely illogical and frustrating when no proper documentation existed under Ubuntu. Luckily I had several RH/CentOS/Fedora installs so I could reference their config files and try filenames that way.

Link to post
Share on other sites
I think I actually overlooked something so don't have it setup fully on ssl. I use https://feedmebits.nl to connect to and I use sftp/ssh in my ftp client to connect. But wouldn't I need a seperate certificate? ah I think not right? cuz I remember dave saying, ssl is setup on ip. so if I have https://feedmebits.nl setup as ssl that would also go for my ftp? right?

 

If you're connecting via SFTP/SSH in your client, you're not connecting via FTP.

 

SFTP and FTP are completely unrelated -- SFTP runs atop SSH, so is using your SSH credentials and the existing SSH security (since you probably already logged in at least once, your SSH client has cached your server's 'host key', so that is how it knows you are talking to the right machine). It's not using the FTP protocol at all.

 

FTPS is FTP with TLS/SSL support added in, which is actually using the FTP protocol. Confusingly, there's also the option to tunnel FTP traffic over an SSH connection, which is different again from the previous two methods.

Link to post
Share on other sites

ah ok. learned something new again:) That I need to make some changes. Still trying to decided which I like better pure-ftpd or vsftpd.

Edited by Dungeon-Dave
snip unnecessary quote
Link to post
Share on other sites

As Hybrid mentioned:

  • SFTP/SCP/SSH run over the SSH port (generally 22).
  • FTP/FTPS run over FTP port (generally 20 and 21)

FTP servers often have an option to fall back from FTPS to ordinary FTP if TLS isn't established, meaning some people think their client is establishing an encrypted link when it isn't.

 

In terms of clients, I've used "lftp" as a command-line FTP client that does quite a mixture of protocols, which is good for my testing.

Link to post
Share on other sites

I got my problem figured out. The problem was that my firewall was in the way. I shut my firewall off and was able to connect. I then turned my firewall backup and let ftp through(via system-config-firewall-tui).

Then I restarted iptables. I reconnected with my ftp client and I was able to connect. Strange thing is as soon as I close my ftp client en try to connect again I get the error again:

 

GnuTLS error -53: Error in the push function. Seems to be a firewall problem from what I can find on it

 

seems like it's not entering passive mode like mentioned here

 

also when I open ftp port via tui a module loads when restarting iptables. So I would think that should be fine.

nf_conntrack_ftp

Edited by Dungeon-Dave
snip unnecessary quote
Link to post
Share on other sites
  • 1 month later...
Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...