LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-09-2013, 02:10 AM   #1
linux2uday
LQ Newbie
 
Registered: Nov 2012
Posts: 9

Rep: Reputation: Disabled
Unhappy How do I enable root FTP access to the server?


how do I enable root FTP access to the server?

Please tell me in simple terms, as I am a simple person
 
Old 01-09-2013, 03:10 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
well you first need to tell us what FTP server you're using as they all work differently, but note that that is really a VERY bad idea. Is there not a better way to do what you want? Googling "<Name of FTP server> root access" is also a pretty sure way to find out your answer. Finally please use useful thread titles in future. "Help me!" (in quotes?? ) is not insightful nor informative for anyone. Thanks.
 
Old 01-10-2013, 03:47 AM   #3
sneakyimp
Member
 
Registered: Dec 2004
Posts: 795

Rep: Reputation: 50
I agree. You might consider using something like FireFTP (a firefox add-on) which can authenticate with a key pair and transfer files using FTP-over-ssh.
 
Old 01-10-2013, 03:52 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
Quote:
Originally Posted by sneakyimp View Post
I agree. You might consider using something like FireFTP (a firefox add-on) which can authenticate with a key pair and transfer files using FTP-over-ssh.
sftp is NOT "ftp-over-ssh" you need to be really careful to not imply sftp is "ftp but secure". As much as it emulates teh FTP protocol commands (and is VASTLY better than FTP) is not FTP.
 
Old 01-10-2013, 12:55 PM   #5
sneakyimp
Member
 
Registered: Dec 2004
Posts: 795

Rep: Reputation: 50
Quote:
Originally Posted by acid_kewpie View Post
sftp is NOT "ftp-over-ssh" you need to be really careful to not imply sftp is "ftp but secure". As much as it emulates teh FTP protocol commands (and is VASTLY better than FTP) is not FTP.
Pardon me for my inaccuracy. The differences are not entirely clear to me. Let me rephrase to say that I disabled FTP and password logins on my server and was still able to transfer files (I assume it was via SSH) using a username/key pair and FireFTP. Am I right in thinking this is a secure way to transfer files?
 
Old 01-10-2013, 01:35 PM   #6
schneidz
Senior Member
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 4,139

Rep: Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638
as acid is implying i would not use the old, deprecated and insecure ftp protocol (even if it is awkwardly wrapped in some ssh overlay).

i would turn on ssh (which comes with scp (for automated file transfers) and sftp (for an ftp like interactive prompt (read: babysitting))). i would also install sshfs for extra ease-of-use of drag-and-drop local file copy emulation.

i would disable root login and create public keys for each of my clients.
 
Old 01-10-2013, 01:48 PM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
sftp is babysitting??
 
Old 01-10-2013, 01:53 PM   #8
sneakyimp
Member
 
Registered: Dec 2004
Posts: 795

Rep: Reputation: 50
Quote:
Originally Posted by schneidz View Post
as acid is implying i would not use the old, deprecated and insecure ftp protocol (even if it is awkwardly wrapped in some ssh overlay).
Of course. This is done. (Unspawn helped me a great deal to understand hardening a system)

Quote:
Originally Posted by schneidz View Post
i would turn on ssh (which comes with scp (for automated file transfers) and sftp (for an ftp like interactive prompt (read: babysitting))). i would also install sshfs for extra ease-of-use of drag-and-drop local file copy emulation.
I'm thoroughly familiar with ssh and scp, but get confused when people (or apps) start talking about sftp and always wonder if it's SSH File Transfer Protocol or FTP over SSH.

Quote:
Originally Posted by schneidz View Post
i would disable root login and create public keys for each of my clients.
Yes of course. I always do this.
 
Old 01-10-2013, 01:56 PM   #9
schneidz
Senior Member
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 4,139

Rep: Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638
Quote:
Originally Posted by acid_kewpie View Post
sftp is babysitting??
as i understand, it prompts the user for username, then password, then remote filename, then local filename. much like a regular ftp session. thats why is use scp (with keys) in my scripts. maybe there is a non-interactive method to sftp but i never needed to find out its syntax ?
 
Old 01-10-2013, 02:00 PM   #10
sneakyimp
Member
 
Registered: Dec 2004
Posts: 795

Rep: Reputation: 50
Quote:
Originally Posted by schneidz View Post
as i understand, it prompts the user for username, then password, then remote filename, then local filename. much like a regular ftp session. thats why is use scp (with keys) in my scripts. maybe there is a non-interactive method to sftp but i never needed to find out its syntax ?
If you do not have FTP running on your server and have disabled password login via SSH, this means that access *requires* a certificate. I'm confused as to what you mean by "sftp." Regardless of what protocol you use, you still need to supply a username so that they know which certificate pair to check.
 
Old 01-10-2013, 02:07 PM   #11
schneidz
Senior Member
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 4,139

Rep: Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638
^ i'm referring to the sftp command. i guess i was wondering if sftp command is cron-able the same way that scp is ?

Last edited by schneidz; 01-10-2013 at 02:08 PM.
 
Old 01-10-2013, 02:14 PM   #12
sneakyimp
Member
 
Registered: Dec 2004
Posts: 795

Rep: Reputation: 50
I'm not at all sure, but the man page on sftp suggests that the command is SSH File Transfer Protocol:
Quote:
Originally Posted by man sftp
SEE ALSO
ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3), ssh_config(5), sftp-server(8), sshd(8)

T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress material.
I have not used this but I think I know what you mean about babysitting: it prompts you for the connection details?

I can't imagine the syntax is too hard, but if you are scripting things then sftp is probably fine I would imaging -- removes a layer of interface/b.s.
 
Old 01-10-2013, 02:21 PM   #13
schneidz
Senior Member
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 4,139

Rep: Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638Reputation: 638
ssh, sftp and scp all use the secure shell protocol to establish an encrypted connection.

ssh is used for running remote commands
sftp seems to be for humans to manually send/receive files.
scp seems to be a method for machines to send/receive files without human intervention (provided pke is established).

i think this resolves most confusion.
 
Old 01-10-2013, 03:20 PM   #14
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
scp was part of legacy ssh specs and sftp came along later. It's MUCH more powerful, and is a much better way for clients like winscp to transfer files over an SSH tunnel. whilst winscp can use either scp or sftp, sftp is preferred.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I enable anonymous access to inetd ftp in debian baronobeefdip Linux - Server 2 12-15-2012 07:11 PM
Access to one server via root/ssh/ftp on other only ftp anthonychallis Linux - Newbie 4 01-12-2010 03:23 PM
How do I enable ftp access to my site? imsam Linux - Newbie 1 12-08-2004 01:04 AM
How to enable Linux Root FTP account ?? chuck77 Linux - General 2 04-25-2003 01:13 AM
Guy got root directory access from my FTP server... how can I fix this? bripage Linux - General 16 10-02-2002 11:12 AM


All times are GMT -5. The time now is 07:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration