LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-24-2004, 09:16 AM   #1
axcis
LQ Newbie
 
Registered: Dec 2004
Posts: 1

Rep: Reputation: 0
FTP over SSH with vsftpd


Hello,

I would like to get my server more secured, thus I want my visitors to use the FTP though SSH-tunneling.

I am running vsftpd on RedHat 9. Please point me in the documentation, or give me some help.

What I want
- disable the simple connections *(direct to the FTP server with un-encrypted password)
- grant only FTP over SSH (how to implement?)

I tried to use SecureCRT with my FTP client. I setup port-forwarding localhost:2021 -> destination:21

And the my connection was fine, except I did'nt get any data from FTP server (no file lists, directories and so on). Where should i tune either FTP client or SSH-tunnel?

Best wishes,
Dmitry.
 
Old 12-25-2004, 02:41 PM   #2
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,438

Rep: Reputation: 52
If you want ftp to tunnel through ssh, then take a look at the command "scp". That will take care of it for you.

-twantrd
 
Old 12-25-2004, 06:11 PM   #3
Butt-Ugly
Member
 
Registered: Nov 2004
Location: Brisbane, Australia
Distribution: Fedora Core 5
Posts: 89

Rep: Reputation: 15
There are 2 different systems you are discussing here:

SFTP - SSH daemon configured with the 'sftp-server' subsystem. You can use Secure Copy (scp) or Secure File Transfer Program (sftp) to transfer files/data between your client application and server, while SSH handles your link encryption. You can disable the 'sftp-server' subsystem and still transfer all your files using scp. Also know as SSH FTP.


FTPS - Remember your old FTP server? FTPS is the implementation of 'Security Extensions' for the old FTP, as defined in RFC2228. This implements TSL/SSL encryption between client and server for confidentiality of authentication and data transfers. The vsftpd server is RFC2228 enabled as of version2 and works a treat.

You can (if you want) run both SSH FTP and FTPS servers, then access your system which ever suits your requirements at the time.

IMHO, I would configure vsftpd with TLS then chroot() your users where required. You can configure TLS to handle the whole session or only the authentication process if required, then drop back to plain text for transfer purposes, this saves encryption overheads while file transfering.

Linux Clients....
gFTP - SSH FTP and FTPS.

Windows Clients....
WinSCP - SSH FTP
SmartFTP - FTPS.
PuTTY - SSH command line client for windows PCs.


Miles.
 
Old 12-27-2004, 04:04 AM   #4
alon005
LQ Newbie
 
Registered: Oct 2004
Posts: 9

Rep: Reputation: 0
Re: FTP over SSH with vsftpd

Quote:
Originally posted by axcis
Hello,

I would like to get my server more secured, thus I want my visitors to use the FTP though SSH-tunneling.

I am running vsftpd on RedHat 9. Please point me in the documentation, or give me some help.

What I want
- disable the simple connections *(direct to the FTP server with un-encrypted password)
- grant only FTP over SSH (how to implement?)

I tried to use SecureCRT with my FTP client. I setup port-forwarding localhost:2021 -> destination:21

And the my connection was fine, except I did'nt get any data from FTP server (no file lists, directories and so on). Where should i tune either FTP client or SSH-tunnel?

Best wishes,
Dmitry.
Ask your users to run this command first:

ssh -2 -N -f -L 2021:localhost:21 user@remote_ftpd_server.com

and then
run

ftp user@remote_ftpd and now everything will be tunneled

or install ftp server with ssl wrapper

Last edited by alon005; 12-27-2004 at 04:47 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd in ftp clients - a no go ?? ycamera2mank Linux - Software 3 09-04-2005 05:48 PM
FTP server help -Vsftpd BinkyFiz Linux - Software 0 02-28-2005 07:56 PM
SSH & Vsftpd Troubles Sabicas Linux - Networking 4 09-12-2004 12:21 AM
FTP only users for vsftpd. jsbush Linux - Newbie 2 10-27-2003 07:13 PM
Can't connect to vsFTPd through ssh tunnel Sizam Linux - Networking 0 06-27-2003 01:30 PM


All times are GMT -5. The time now is 08:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration