Hi All,
Can someone please answer my question plainly? I have searched this forum and the web for straight forward advice but no luck. I am running RH 7.3. I only use my Linux box for personal ftp, telnet, and some email. I really don't need it but want to learn as much Linux as I have time for.
I believe I have ssh running. When I use Putty to telnet to my box I get a different sign on using port 22 than port 23.
What I want to do now is to secure the ftp transmissions (both control and data). Do I need just to connect via ssh (port 22 or 115) and then use my wu-ftpd (is this a good one for this application, should I use vsftp or proftp), and what is sftp? How does this all work together...Do I need a 'secure ftp server'? What things do I have to install to achieve my goals....how many chickens must I sacrifice to make this all work the way I want?

Sounds to me you want to use 'sftp'. BTW: 'sftp' = secure ftp. It provides the same security as ssh

So is sftp a secure connection to an ftp server or a server itself????

As I understand it yes. Anyone else want to add there $0.02?

Yes what.....a connection to a server....or an ftp server itself

an ftp server itself

So let me splain what I understand....I fire up my ftp client (SmartFtp) and connect to my Linux box on port 115 (I think this is what sftp runs on) and I'm connected and secure (both data and control) assuming sftp is running. Is this right?

As I understand it yes. Does anyone else want to correct me on this one?

just ftp localhost or sftp localhost... what's so hard about that?, also sftp services come with SSHd anyways, so if you have SSH installed, then sftp should work as well

okay so I tried sftp localhost...it worked! yee haa.. now how do I get my ftp client (like Smart FTP or FTpVoyager) to remotely connect to sftp and should I remove wu-ftpd and close port 21 in my fw?

I ran into this a while back. You need to get a clarification on what capabilities the client has. The sftp client that comes with Putty connects to an sshd daemon. Some clients define sftp as "ftp over ssl". While the connection mechanisms are very similar they are different enough that some firewalls don't like one or the other. If you already have an sshd daemon running on your server, you can use something like WinSCP which is a nice GUI client that works over ssh. You could use one daemon for remote login and file transfers.

I get it...it really doesn't matter what ftp server I run..as long as I connect through sftp, then the sshd handles the encryption. It is dependent on the client also. Tried WinSCP ..it is pretty nice. Can I shut down port 21 then?

If you are pushing files though ssh, then you can shutdown your ftp server on port 21.

this is a common topic of confusion.

ftp = file transfer protocol. generally runs on port 21.

ftps = also known as ftp over ssl. generally runs on port 21 when using explicit-ssl mode. if using implicit ssl mode then it typically runs on port 990.

sftp = file transfer protocol built to run on top of ssh protocol. completely different protocol than ftp but is often confused with ftps given their similar name. generally runs on port 22 (same port as ssh).

when you say "secure both control and data" this is only applicable to ftp and ftps protocols. ftp/s protocols use 2 separate channels (control channel and data channel). unlike ftp/s, sftp data is all passed thru a single port, so there is no need to encrypt both channels as separate channels don't exist.

to use sftp you need to enable it in your ssh configuration files. this may already be enabled, so just try connecting using any sftp client.

if you want to use ftp/s then that usually involves installing a server. there are several out there that support ftps including proftpd, vsftpd and others. for ease of use I recommend the following

http://www.jscape.com/secureftpserver/

there is a free community edition. has a nice gui for local/remote administration and supports FTPS (FTP over SSL)

hope this clears up any confusion