LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-29-2003, 10:21 AM   #1
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Rep: Reputation: 0
Unhappy Confused: FTP, SSH, SFTP


Hi All,
Can someone please answer my question plainly? I have searched this forum and the web for straight forward advice but no luck. I am running RH 7.3. I only use my Linux box for personal ftp, telnet, and some email. I really don't need it but want to learn as much Linux as I have time for.
I believe I have ssh running. When I use Putty to telnet to my box I get a different sign on using port 22 than port 23.
What I want to do now is to secure the ftp transmissions (both control and data). Do I need just to connect via ssh (port 22 or 115) and then use my wu-ftpd (is this a good one for this application, should I use vsftp or proftp), and what is sftp? How does this all work together...Do I need a 'secure ftp server'? What things do I have to install to achieve my goals....how many chickens must I sacrifice to make this all work the way I want?
 
Old 10-29-2003, 10:26 AM   #2
GATTACA
Member
 
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209

Rep: Reputation: 32
Sounds to me you want to use 'sftp'. BTW: 'sftp' = secure ftp. It provides the same security as ssh
 
Old 10-29-2003, 10:28 AM   #3
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Original Poster
Rep: Reputation: 0
So is sftp a secure connection to an ftp server or a server itself????

Last edited by msymms; 10-29-2003 at 10:32 AM.
 
Old 10-29-2003, 10:31 AM   #4
GATTACA
Member
 
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209

Rep: Reputation: 32
As I understand it yes. Anyone else want to add there $0.02?
 
Old 10-29-2003, 10:33 AM   #5
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Original Poster
Rep: Reputation: 0
Yes what.....a connection to a server....or an ftp server itself
 
Old 10-29-2003, 10:33 AM   #6
GATTACA
Member
 
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209

Rep: Reputation: 32
an ftp server itself
 
Old 10-29-2003, 10:53 AM   #7
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Original Poster
Rep: Reputation: 0
So let me splain what I understand....I fire up my ftp client (SmartFtp) and connect to my Linux box on port 115 (I think this is what sftp runs on) and I'm connected and secure (both data and control) assuming sftp is running. Is this right?

Last edited by msymms; 10-29-2003 at 11:00 AM.
 
Old 10-29-2003, 10:57 AM   #8
GATTACA
Member
 
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209

Rep: Reputation: 32
As I understand it yes. Does anyone else want to correct me on this one?
 
Old 10-29-2003, 11:24 AM   #9
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233

Rep: Reputation: 406Reputation: 406Reputation: 406Reputation: 406Reputation: 406
just ftp localhost or sftp localhost... what's so hard about that?, also sftp services come with SSHd anyways, so if you have SSH installed, then sftp should work as well
 
Old 10-29-2003, 11:34 AM   #10
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Original Poster
Rep: Reputation: 0
okay so I tried sftp localhost...it worked! yee haa.. now how do I get my ftp client (like Smart FTP or FTpVoyager) to remotely connect to sftp and should I remove wu-ftpd and close port 21 in my fw?
 
Old 10-29-2003, 12:23 PM   #11
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
I ran into this a while back. You need to get a clarification on what capabilities the client has. The sftp client that comes with Putty connects to an sshd daemon. Some clients define sftp as "ftp over ssl". While the connection mechanisms are very similar they are different enough that some firewalls don't like one or the other. If you already have an sshd daemon running on your server, you can use something like WinSCP which is a nice GUI client that works over ssh. You could use one daemon for remote login and file transfers.

Last edited by stickman; 10-29-2003 at 12:24 PM.
 
Old 10-29-2003, 01:33 PM   #12
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Original Poster
Rep: Reputation: 0
I get it...it really doesn't matter what ftp server I run..as long as I connect through sftp, then the sshd handles the encryption. It is dependent on the client also. Tried WinSCP ..it is pretty nice. Can I shut down port 21 then?
 
Old 10-29-2003, 02:09 PM   #13
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
If you are pushing files though ssh, then you can shutdown your ftp server on port 21.
 
Old 06-12-2007, 01:35 PM   #14
vglass
LQ Newbie
 
Registered: Jun 2007
Posts: 10

Rep: Reputation: 0
this is a common topic of confusion.

ftp = file transfer protocol. generally runs on port 21.

ftps = also known as ftp over ssl. generally runs on port 21 when using explicit-ssl mode. if using implicit ssl mode then it typically runs on port 990.

sftp = file transfer protocol built to run on top of ssh protocol. completely different protocol than ftp but is often confused with ftps given their similar name. generally runs on port 22 (same port as ssh).

when you say "secure both control and data" this is only applicable to ftp and ftps protocols. ftp/s protocols use 2 separate channels (control channel and data channel). unlike ftp/s, sftp data is all passed thru a single port, so there is no need to encrypt both channels as separate channels don't exist.

to use sftp you need to enable it in your ssh configuration files. this may already be enabled, so just try connecting using any sftp client.

if you want to use ftp/s then that usually involves installing a server. there are several out there that support ftps including proftpd, vsftpd and others. for ease of use I recommend the following

http://www.jscape.com/secureftpserver/

there is a free community edition. has a nice gui for local/remote administration and supports FTPS (FTP over SSL)

hope this clears up any confusion
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SFTP and SSH XaViaR Linux - Security 5 07-20-2005 11:18 AM
ssh sftp-server dtaju Linux - Security 5 02-23-2004 05:16 PM
ssh/sftp/telnet true_atlantis Linux - Newbie 2 12-11-2003 08:18 PM
sftp and ssh-keygen help please grayhost Linux - Newbie 2 06-26-2003 06:51 PM
ssh and sftp help Rex_chaos Linux - Networking 8 03-17-2003 09:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration