Looking for suggestions for a FTP server app. Not sure what to look for
in an application - Just have a need to have file transfer from my LAN
to the WAN - low number of users will have access - easy to configure
with a GUI interface.
Humm . . . the GUI interface is the hard part. Vsftp, pureftp, heck -
even a quick and dirty set of using xinit - they are all pretty simple.
However, none have any GUI admin interface I am aware of.
There of course are control panels (Webmin, Cpanel, etc.) that allow
you to administer user accounts and ftp accounts, etc. but that might be
a bit overkill.
LewsTherinTelemon wrote:
> Humm . . . the GUI interface is the hard part. Vsftp, pureftp, heck -
> even a quick and dirty set of using xinit - they are all pretty simple.
> However, none have any GUI admin interface I am aware of.
>
> There of course are control panels (Webmin, Cpanel, etc.) that allow
> you to administer user accounts and ftp accounts, etc. but that might be
> a bit overkill.
I would suggest vsftp. The administration functions I needed are available
in Yast->Network Services->FTP Server.
>
>
>
> Looking for suggestions for a FTP server app. Not sure what to look
> for in an application - Just have a need to have file transfer from my
> LAN to the WAN - low number of users will have access - easy to
> configure with a GUI interface.
>
> Thank you
>
>
For a small number of users why not just install ssh and let them use
sftp? They can do it graphically with e.g. filezilla, or by mounting
server directories with sshfs.
–
*********** To reply by e-mail, make w single in address **************
Yes, for a small number of users, just use the existing ssh service with
filezilla. If opening the service outside of your LAN, translate from a
different port to 22 at the border router so that you don’t get these
skript kiddies having a go at your ssh service and filling up your log.
Also disable root login via ssh and specify an AllowUsers list.
One disadvantage of ssh/sftp is that there is no way of enforcing a
home jail without building a custom sftp server, your users can browse
all over the system. I think this might be fixed in recent or upcoming
versions of sftp, don’t remember the details.
ken_yap;1907333 Wrote:
> If opening the service outside of your LAN, translate from a different
> port to 22 at the border router
Not sure what you mean - I have a WRT54GL running Tomato. Do you mean
to port forward port 22 to some other external port?
> Also disable root login via ssh and specify an AllowUsers list.
Where do I disable this?
The only FTP that I know was an external drive (USB)with a built in FTP
(Linux based) - All I had to do was create a directory and allow a
user/password to the directory
I will look at finding a vsftpd tutorial/setup info…
If you are using this outside the LAN change to a random port other
than 22 which is the standard ssh. It common to have ssh on 22 under
attack as it is commonly left unsecured.
On the root server, edit: /etc/ssh/sshd_config
PROTOCOL 2 (REMOVE THE HASH)
*PERMITROOTLOGIN NO
*PubKeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys (this folder is in
your hidden home, it should have been created when you copied the key
from the remote client - make sure the path is the same as you have)
*PasswordAuthentication yes
*(this I have as Yes because I have use a password as well as the key)
If I have it correct myself the hosts allow is edited
/etc/hosts.allow
at the end of the file add:
sshd : 192.168..** (the ip of the remote machine/s)
With vsftpd what is the difference between starting at boot and using
xinetd?
Are the users that you allow access - are these set from with user
manager or is there a config file that I edit to add myself or a
co-worker too - or does this person need to become a ‘user’ that can
login to the console?
Am I better to use SSH as a means to enter the FTP? The info on the ftp
is work transfer data and notes, program updates etc.
If running standalone, a vsftpd process is always active.
If running under xinetd, an instance gets started by xinetd on demand.
So lots of services that are rarely used can be run from xinetd, and
there will be only one process, xinetd, running most of the time. This
reduces the number of rarely used processes that are running. However
running under xinetd is not good for services with heavy usage or
require fast response. So services like Samba and Apache are never run
under xinetd.
Whether the ftp users are the same as the login users depends on
whether you are using virtual users or login users for the
authentication database.
Ssh is not related to ftp. Sftp is not related to ftp. Some people
confuse sftp with ftp over SSL, which is related to ftp.