FTP Server

The File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another over a TCP-based network, such as the Internet.

FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server.

FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it.

Usually, the FTP server that stores the files to be transferred uses two ports, one for commands and the other for sending and receiving data.
FTP may run in active or passive mode, which determines how the data connection is established. In both cases, the client creates a TCP control connection from a random, usually unprivileged, port N to the FTP server command port 21.

Active mode:
In active mode, the command connection is initiated by the client and the data connection is initiated by the server. Because the server actively establishes the data connection with the client, this mode is referred to as active. The client opens a port higher than 1024 and through it connects to port 21, the command port of the server. Then the server opens its port 20 and establishes a data connection to a port higher than 1024 on the client.

Passive mode:
In passive mode, the server acts entirely passively, as the command connection and the data connection are both initiated and established by the client. In this mode, the server listens for incoming requests on its port 21 (command port), and when a request for a data connection is received from the client (using a high port), the server randomly opens one of its high ports.

Then the client initiates a data connection between the opened port of the server and its own randomly selected port higher than 1024. In this mode, the client does not have to change its firewall settings, as it only requires outgoing connections and the firewall does not block outgoing connections.

However, the server admins must make sure that the server allows incoming connections on all the ports it opens.
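
The 227 replies in the sessions further down this page show how widely the server's data ports range when nothing pins them. The following added example (not part of the original article) decodes the port from a 227 reply and checks it against a passive range; the range 50000-50100 is an assumption, of the kind set with vsftpd's pasv_min_port and pasv_max_port options.

```sh
#!/bin/sh
# Added example: decode the data port from "227 Entering Passive Mode" replies
# and compare it with a pinned passive range.

# pasv_port REPLY -> prints the port from (h1,h2,h3,h4,p1,p2): port = p1*256 + p2
pasv_port() (
    nums=$(printf '%s\n' "$1" |
        sed -n 's/^227 .*(\([0-9]\{1,3\}\(,[0-9]\{1,3\}\)\{5\}\)).*/\1/p')
    [ -n "$nums" ] || exit 1          # not a well-formed 227 reply
    IFS=,
    set -- $nums                      # $1..$4 = address octets, $5 $6 = port bytes
    [ "$5" -le 255 ] && [ "$6" -le 255 ] || exit 1
    echo $(( $5 * 256 + $6 ))
)

# check_replies MIN MAX < transcript -> "<port> inside|outside" per 227 reply
check_replies() {
    while IFS= read -r line; do
        port=$(pasv_port "$line") || continue   # skip non-227 lines
        if [ "$port" -ge "$1" ] && [ "$port" -le "$2" ]; then
            echo "$port inside"
        else
            echo "$port outside"
        fi
    done
}

# sample_replies -> reply lines copied from the get/put/ls sessions on this page
sample_replies() {
    cat <<'EOF'
227 Entering Passive Mode (192,168,150,133,242,175).
150 Opening BINARY mode data connection for file1 (0 bytes).
227 Entering Passive Mode (192,168,150,133,252,220).
227 Entering Passive Mode (192,168,150,133,36,247).
EOF
}

# Assumed pinned range, as it would appear in vsftpd.conf:
#   pasv_min_port=50000
#   pasv_max_port=50100
sample_replies | check_replies 50000 50100
```

Every port from the page's sessions falls outside the assumed range, which is what an unpinned server looks like from the firewall's side: the inbound rule has to cover the whole high-port range unless the passive range is fixed in vsftpd.conf.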

Steps to Configure FTP Server for downloading files.

Step 1: Install the package.

Check whether vsftpd is already installed with the command below.

# rpm -q vsftpd
package vsftpd is not installed
#

Download the vsftpd rpm package with the command below.

# wget ftp://ftp.pbone.net/mirror/ftp.scientificlinux.org/linux/scientific/6.2/x86_64/updates/fastbugs/vsftpd-2.2.2-6.el6_2.1.x86_64.rpm

After the download completes, install vsftpd with the command below.

# yum localinstall vsftpd-2.2.2-6.el6_2.1.x86_64.rpm

Once the installation completes, verify it.

# rpm -q vsftpd
vsftpd-2.2.2-6.el6_2.1.x86_64
#

Step 2: Go to /var/ftp/pub/ and create some files.

# cd /var/ftp/pub/
# touch file{1..5}
# ls
file1 file2 file3 file4 file5
#

Step 3: Restart the ftp service.

# service vsftpd restart
Shutting down vsftpd:       [ OK ]
Starting vsftpd for vsftpd: [ OK ]
#

Enable the service so that it starts after a reboot of the system.

# chkconfig vsftpd on
# chkconfig --list vsftpd
vsftpd  0:off 1:off 2:on 3:on 4:on 5:on 6:off

Step 4: Check whether the ftp package is installed.

# rpm -q ftp
package ftp is not installed
#

Download the rpm file and install.

# wget ftp://ftp.pbone.net/mirror/ftp.scientificlinux.org/linux/scientific/6.1/x86_64/os/Packages/ftp-0.17-51.1.el6.x86_64.rpm
# rpm -ivh ftp-0.17-51.1.el6.x86_64.rpm
# rpm -q ftp
ftp-0.17-51.1.el6.x86_64
#

Step 5: Now connect to the ftp server.

Syntax : # ftp << IP Address >>

# ftp 192.168.150.133
Connected to 192.168.150.133 (192.168.150.133).
220 (vsFTPd 2.2.2)
Name (192.168.150.133:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Step 6: Go to pub directory, check the files available.

ftp> cd pub
250 Directory successfully changed.
ftp>
ftp> ls
227 Entering Passive Mode (192,168,32,134,143,45).
150 Here comes the directory listing.
-rw-r--r--    1 0   0      0 Aug 13 10:03 file1
-rw-r--r--    1 0   0      0 Aug 13 10:03 file2
-rw-r--r--    1 0   0      0 Aug 13 10:03 file3
-rw-r--r--    1 0   0      0 Aug 13 10:03 file4
-rw-r--r--    1 0   0      0 Aug 13 10:03 file5
226 Directory send OK.
ftp>

Step 7: Download files.

Syntax:

get filename

mget file1 file2 …

ftp> get file1
local: file1 remote: file1
227 Entering Passive Mode (192,168,150,133,242,175).
150 Opening BINARY mode data connection for file1 (0 bytes).
226 Transfer complete.
ftp> quit
221 Goodbye.
# ls file1
file1
# ftp 192.168.150.133
Connected to 192.168.150.133 (192.168.150.133).
220 (vsFTPd 2.2.2)
Name (192.168.150.133:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> mget file2 file3
ftp> quit
221 Goodbye.
# ls file2 file3
file2 file3
#

get – to download a single file.

mget – to download multiple files.

To exit from ftp server, use exit or bye

ftp> quit
221 Goodbye.
ftp> bye
221 Goodbye.

To connect to the ftp server graphically, open a web browser and type the ftp server’s IP address as follows:

ftp://192.168.150.133/

To upload files to the ftp server, the steps are:

Step 1: Create an upload directory in /var/ftp/.

# cd /var/ftp/
# mkdir upload

Step 2: Change the group of the upload directory to ftp and give the group write permission on it.

# chgrp ftp upload
# ls -ld upload
drwxr-xr-x. 2 root ftp 4096 Sep 19 01:53 upload
# chmod g+w upload
# ls -ld upload
drwxrwxr-x. 2 root ftp 4096 Sep 19 01:53 upload

Step 3: Now go to /etc/vsftpd/ and uncomment the anon_upload_enable attribute.

# vi vsftpd.conf
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#

Remove the # character.

# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#

Step 4: Restart the ftp service.

# service vsftpd restart
Shutting down vsftpd:         [  OK  ]
Starting vsftpd for vsftpd:   [  OK  ]

If SELinux is enabled on the ftp server, a "Could not create file" error will be displayed.

To solve this,

Step 5: Check the Booleans for ftp.

# getsebool -a |grep ftp
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftp_home_dir --> on
ftpd_connect_db --> off
ftpd_use_passive_mode --> off
httpd_enable_ftp_server --> off
tftp_anon_write --> off
#

Make “allow_ftpd_anon_write” on

# setsebool -P allow_ftpd_anon_write on
# getsebool -a |grep ftp

allow_ftpd_anon_write --> on

Step 6: Add the read-write context to the upload directory using the command below.

# cd /var/ftp/
# chcon -t public_content_rw_t upload
# ls -ldZ upload/
drwxrwxr-x. root ftp unconfined_u:object_r:public_content_rw_t:s0 upload/
#

Finally, log in to the client machine, access the ftp server and try uploading files to it.

# ftp 192.168.150.133
Connected to 192.168.150.133 (192.168.150.133).
220 (vsFTPd 2.2.2)
Name (192.168.150.133:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> cd upload
250 Directory successfully changed.
ftp>
ftp> put test
local: test remote: test
227 Entering Passive Mode (192,168,150,133,252,220).
150 Ok to send data.
226 Transfer complete.
24 bytes sent in 0.0172 secs (1.39 Kbytes/sec)
ftp>
ftp>
ftp> ls
227 Entering Passive Mode (192,168,150,133,36,247).
150 Here comes the directory listing.
-rw-------   1 14   50    24 Sep 19 09:13 test
226 Directory send OK.
ftp>
ftp> mput dept.txt emp.txt 
local: dept.txt remote: dept.txt
227 Entering Passive Mode (192,168,150,133,41,64).
150 Ok to send data.
226 Transfer complete.
77 bytes sent in 0.014 secs (5.50 Kbytes/sec)
local: emp.txt remote: emp.txt
227 Entering Passive Mode (192,168,150,133,113,70).
150 Ok to send data.
226 Transfer complete.
215 bytes sent in 0.00895 secs (24.03 Kbytes/sec)
ftp>
ftp> ls
227 Entering Passive Mode (192,168,150,133,185,14).
150 Here comes the directory listing.
-rw-------    1 14   50     77 Sep 19 09:15 dept.txt
-rw-------    1 14   50    215 Sep 19 09:15 emp.txt
-rw-------    1 14   50     27 Sep 19 09:14 file3
-rw-------    1 14   50     24 Sep 19 09:13 test
226 Directory send OK.
ftp>

put – to upload a single file.

mput – to upload multiple files.

Allowing root access to the ftp.

# ftp 192.168.150.133
Connected to 192.168.150.133 (192.168.150.133).
220 (vsFTPd 2.2.2)
Name (192.168.150.133:root): root
530 Permission denied.
Login failed.
ftp>

To allow the root user, comment out root in /etc/vsftpd/user_list and /etc/vsftpd/ftpusers.

vi /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
#root

vi /etc/vsftpd/user_list
# for users that are denied.
#root

Make sure ftp_home_dir is on in the ftp Booleans.

# getsebool -a |grep ftp
allow_ftpd_anon_write --> on
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftp_home_dir --> on

Try logging in again as root to the ftp server.

# ftp 192.168.150.133
Connected to 192.168.150.133 (192.168.150.133).
220 (vsFTPd 2.2.2)
Name (192.168.150.133:root): root
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
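
An added example, not part of the original article: a shell check that reports the vsftpd settings this walkthrough leaves enabled (anonymous login, anonymous upload, clear-text transport, root not denied). The file paths are arguments and the sample files are constructed to match the end state of the steps above; ssl_enable is vsftpd's TLS switch and is not configured anywhere on this page.

```sh
#!/bin/sh
# Added example: report the vsftpd settings this walkthrough leaves enabled.
# Paths are arguments; the sample files below are constructed.

# conf_value FILE KEY -> value of the last uncommented KEY=VALUE line
conf_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# audit_vsftpd CONF FTPUSERS -> one finding per line, nothing when clean
audit_vsftpd() {
    anon=$(conf_value "$1" anonymous_enable)
    upload=$(conf_value "$1" anon_upload_enable)
    write=$(conf_value "$1" write_enable)
    tls=$(conf_value "$1" ssl_enable)
    # anonymous_enable defaults to YES when the key is absent
    if [ "${anon:-YES}" = YES ]; then
        echo "anonymous_enable: anonymous login allowed"
        # anon_upload_enable only takes effect together with write_enable
        if [ "$upload" = YES ] && [ "$write" = YES ]; then
            echo "anon_upload_enable: anonymous users can upload files"
        fi
    fi
    if [ "$tls" != YES ]; then
        echo "ssl_enable: logins and data cross the network in clear text"
    fi
    # an uncommented "root" line in ftpusers is what denies root
    if ! grep -qx root "$2"; then
        echo "ftpusers: root is not denied FTP login"
    fi
    return 0
}

# make_sample DIR -> constructed files matching the end state of this page
make_sample() {
    cat > "$1/vsftpd.conf" <<'EOF'
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
EOF
    printf '%s\n' '# Users that are not allowed to login via ftp' '#root' \
        > "$1/ftpusers"
}

dir=$(mktemp -d)
make_sample "$dir"
audit_vsftpd "$dir/vsftpd.conf" "$dir/ftpusers"
rm -rf "$dir"
```

On a real server the same function can be pointed at /etc/vsftpd/vsftpd.conf and /etc/vsftpd/ftpusers, the paths used in the steps above.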

 
