Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-29-2003, 10:21 AM
|
#1
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Rep:
|
Confused: FTP, SSH, SFTP
Hi All,
Can someone please answer my question plainly? I have searched this forum and the web for straight forward advice but no luck. I am running RH 7.3. I only use my Linux box for personal ftp, telnet, and some email. I really don't need it but want to learn as much Linux as I have time for.
I believe I have ssh running. When I use Putty to telnet to my box I get a different sign on using port 22 than port 23.
What I want to do now is to secure the ftp transmissions (both control and data). Do I need just to connect via ssh (port 22 or 115) and then use my wu-ftpd (is this a good one for this application, should I use vsftp or proftp), and what is sftp? How does this all work together...Do I need a 'secure ftp server'? What things do I have to install to achieve my goals....how many chickens must I sacrifice to make this all work the way I want?
|
|
|
10-29-2003, 10:26 AM
|
#2
|
Member
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209
Rep:
|
Sounds to me you want to use 'sftp'. BTW: 'sftp' = secure ftp. It provides the same security as ssh
|
|
|
10-29-2003, 10:28 AM
|
#3
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Original Poster
Rep:
|
So is sftp a secure connection to an ftp server or a server itself????
Last edited by msymms; 10-29-2003 at 10:32 AM.
|
|
|
10-29-2003, 10:31 AM
|
#4
|
Member
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209
Rep:
|
As I understand it yes. Anyone else want to add there $0.02?
|
|
|
10-29-2003, 10:33 AM
|
#5
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Original Poster
Rep:
|
Yes what.....a connection to a server....or an ftp server itself
|
|
|
10-29-2003, 10:33 AM
|
#6
|
Member
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209
Rep:
|
an ftp server itself
|
|
|
10-29-2003, 10:53 AM
|
#7
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Original Poster
Rep:
|
So let me splain what I understand....I fire up my ftp client (SmartFtp) and connect to my Linux box on port 115 (I think this is what sftp runs on) and I'm connected and secure (both data and control) assuming sftp is running. Is this right?
Last edited by msymms; 10-29-2003 at 11:00 AM.
|
|
|
10-29-2003, 10:57 AM
|
#8
|
Member
Registered: Feb 2002
Location: USA
Distribution: Fedora, CENTOS
Posts: 209
Rep:
|
As I understand it yes. Does anyone else want to correct me on this one?
|
|
|
10-29-2003, 11:24 AM
|
#9
|
Senior Member
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233
|
just ftp localhost or sftp localhost... what's so hard about that?, also sftp services come with SSHd anyways, so if you have SSH installed, then sftp should work as well
|
|
|
10-29-2003, 11:34 AM
|
#10
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Original Poster
Rep:
|
okay so I tried sftp localhost...it worked! yee haa.. now how do I get my ftp client (like Smart FTP or FTpVoyager) to remotely connect to sftp and should I remove wu-ftpd and close port 21 in my fw?
|
|
|
10-29-2003, 12:23 PM
|
#11
|
Senior Member
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552
Rep:
|
I ran into this a while back. You need to get a clarification on what capabilities the client has. The sftp client that comes with Putty connects to an sshd daemon. Some clients define sftp as "ftp over ssl". While the connection mechanisms are very similar they are different enough that some firewalls don't like one or the other. If you already have an sshd daemon running on your server, you can use something like WinSCP which is a nice GUI client that works over ssh. You could use one daemon for remote login and file transfers.
Last edited by stickman; 10-29-2003 at 12:24 PM.
|
|
|
10-29-2003, 01:33 PM
|
#12
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Original Poster
Rep:
|
I get it...it really doesn't matter what ftp server I run..as long as I connect through sftp, then the sshd handles the encryption. It is dependent on the client also. Tried WinSCP ..it is pretty nice. Can I shut down port 21 then?
|
|
|
10-29-2003, 02:09 PM
|
#13
|
Senior Member
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552
Rep:
|
If you are pushing files though ssh, then you can shutdown your ftp server on port 21.
|
|
|
06-12-2007, 01:35 PM
|
#14
|
LQ Newbie
Registered: Jun 2007
Posts: 10
Rep:
|
this is a common topic of confusion.
ftp = file transfer protocol. generally runs on port 21.
ftps = also known as ftp over ssl. generally runs on port 21 when using explicit-ssl mode. if using implicit ssl mode then it typically runs on port 990.
sftp = file transfer protocol built to run on top of ssh protocol. completely different protocol than ftp but is often confused with ftps given their similar name. generally runs on port 22 (same port as ssh).
when you say "secure both control and data" this is only applicable to ftp and ftps protocols. ftp/s protocols use 2 separate channels (control channel and data channel). unlike ftp/s, sftp data is all passed thru a single port, so there is no need to encrypt both channels as separate channels don't exist.
to use sftp you need to enable it in your ssh configuration files. this may already be enabled, so just try connecting using any sftp client.
if you want to use ftp/s then that usually involves installing a server. there are several out there that support ftps including proftpd, vsftpd and others. for ease of use I recommend the following
http://www.jscape.com/secureftpserver/
there is a free community edition. has a nice gui for local/remote administration and supports FTPS (FTP over SSL)
hope this clears up any confusion
|
|
|
All times are GMT -5. The time now is 12:40 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|