I have made several strides in getting my feet wet with Mandrake!

1. Got it finally running!
2. Learned how to install the NVIDIA drivers

Now the next thing I would like to try to get running is an FTP server. I read the how-to for ProFTPD on the boards.

The PC I am using for Mandrake has nothing in it, just a dual boot with Linux & Windows. The PC is connected to another PC via a DSL router.

If I try to set up an FTP server per the how-to with ProFTPD, will this compromise the security on my main PC? Can a FTP user navigate from the FTP directory to the Windows PC? Is there any pifalls that I need to expressly NOT DO in order to keep the linux ftp server 'quarantined' from the other PC? I'm assuming deny login to root is a given...

Hey

I set up proFTPd when I was a newbie and it was really easy. I jotted down some notes as I went along, which *may* help you. I won't explain how to do it, as there are loads of good how tos for prooFTPd (including on in LQ, if I remember correctly). My help is here: http://hamishnet.homelinux.com/pub/howtos/ftp

ignore hte stuff about emerge, as that is for installing on Gentoo. You will just have to download the RPM or whatever.

_Security_
FTP does not encrypt data when transferring, so I don't like to use it. You are MUCH better just using SCP (which just uses the standard SSHd stuff). You don't have to run any new daemons on the server. This is your best solution. Just download an SCP GUI from somewhere and try it. (for windows, use winSCP as the client).

Hamish

OK you lost me there.

What is SCP? It is better that FTP? If so, why?

What hamish says is correct, use an encrypted FTP. Personally, since I already had SSH (its like a secure telnet) setup on my machine. I just set my FTP client to connect via SSH. It works just the same as FTP, its encrypted and there was no additional programs for me to setup, no additional ports open etc..

www.ipswitch.com has a good client which can use SSH. On a side note, if you do try this, I suggest you edit your sshd_config (should be located /etc/ssh/sshd_config ) and change the defalut port to something other than 22...... I get a lot of logon attempts on this port.

Again, if you decide to go this path, and have additional questions, ask away and I will be happy to help.

OK, so I if I understand correctly,

1. I use ProFTPD to set up the FTP folder on my PC.
2. Then my girlfriend and I (in each of our respective PC's) need to install ipswitch in order to connect to the folder with my shared files from another PC and have it encrypted.

Question:
Can someone without IPswitch still connect to the FTP folder?

Hey
What we are suggesting is NOT to use FTP at all. SCP just uses SSH (which is the Secure SHell) so you don't have to install anything.

When you want to access a folder on the server, you can just open up the file brower (on the client) and type

scp://user@myserver/

It will then ask you for a password and then you will be able to access the files on the server, securely.

You don't need to make an "ftp" folder this way. If you need to access shared data, just make a generic username which oyu can both use, like "myflat" or something.

hope this isn't confusing you too much.
Hamish

Hamish I think the problem is us... I think we should be asking a few more questions before giving him the correct solution.

First, what OS do you intend to connect from. My solution is more of an M$ to linux solution while it sounds like Hamish is connecting from linux to linux. Either way, you probably have everything you already need on your server. No need to setup additional software.

What you will need, is a client to connect to your server (either WS_FTP_PRO scp or your own client). This will need to be install on the remote machine and will APPEAR exactly like a FTP client but it will be using a secure protocol.

Second, where are you now? at the remote location or at the server? Im asking becuse my next step will be to check to see if SSH is already running which Im guessing it is.

R

OK, now the fog is beginning to clear....

So I am using SCP because it is better than FTP since it is encrypted.

Ryedunn, you are correct in that I did not specify my original intent (other than learning).

I have several files (jpeg, doc) that I would like to put on an old PC where they can be accessed from a remote computer. I would like my girlfriend and myself to be able to access these files from her home. In my home, I have a windows XP PC in addition to this Linux one. They are connected via a DSL router. My girlfriend is using Windows XP and the Firefox browser. In the future, we may want to allow others to have access to these files for a period of time (like right after a vacation). We do not know what OS or browser they will be using, although we suspect Windows & IE.

Now that I gave you the complete picture, what's the best course of action to set up the Mandrake PC as a server to share files?

from a remote machine open up a DOS prompt and type
telnet <IP Address> 22
(i.e telnet 192.168.0.1 22 ) this will try to connect to your linux box via port 22. If the command propt clears and you see a screen with something like "SSH-1.99-OpenSSH_3.9p1" (doesnt need to be exact) then SSH is running on port 22. If you do not see that then you might have a firewall blocking it, or its not running, and we need to go from there.

Assuming you do get that far, then I suggest downloading http://www.ipswitch.com/_download/wsftppro.asp or a different client which can also do SSH encryption like http://www.download.com/Core-FTP-Lit...ml?tag=lst-0-1 (never tried it but its free)

Install that program and try to connect to sftp://youripaddress There might be some additional settings you need to figure out but thats something you will need to do on your own. Once this is done you will use your logon (NOT ROOT) that you always use to logon to your linux box. if all goes well, you should be connected! Remember you wont have full control over every file since your not root, but thats a good thing.

Ryan

Got it. I'll continue tonight since I have a dynamic IP and I need to be at home to find out the IP address. I also have to make sure I have the port forwarding configured on the router.

Thanks for the help!

Hey
go to http://www.dyndns.org/ and get a dynamic dns name for your IP address, like
ice1000.dyndns.org

This way, you can set your router to automatically tell Dyndns when your IP changes and ice1000.dyndns.org will automatically be updated with the new IP address. Thus, you can always find your computer.

Hamish

I configured port forwarding for telnet, it was trying to connect on port 23 not 21 and I get a connection failed.

Here's another potential issue. Before Mandrake, I was trying to use Serv-U to set up an FTP server. Look at this help page.

FTP works on port 21 but the port forwarding is configured for ports 2000 - 2010. Although I am not using Serv-U, should I use a similar approach for Mandrake? I forwarded ports 20 - 21 & 23, are these the right ports?

We want to forward port 22 (SSH). When you telnet, dont forget to specify port 22 (i.e. telnet <Ip Address> 22 ). What this is doing is sending a data packet to port 22 to verify it is open and listening. If you dont specify port 22 then it will use the default telnet port 23 which we do not want. You only want to use ports 21 and 23 (unsecure telnet and FTP) when its absoulutely necessary!

on your server type:
pgrep sshd

did you get a response of process id numbers?


Forward port 22 to your linux box and try to connect via SFTP or SSH. Actually, SFTP and Secure Copy (SCP) are installed in parallel with SSH (which you should already have) and they always run simultaneously on the same TCP port, but lets get you running first.

ok so.....
1) forward port 22
2) verify sshd is running
3) download Putty SSH if you want to SSH (ie secure telnet) or Putty FTP
4) connect

(sorry for throwing so many different links out there for you, just tring to find the easiest solution to get you started, then we can work on the details)

I can't connect via Telnet. The command prompt says it could not open connection on host.

Running the pgrep sshd on the linux box does nothing...

As root type:
urmpi sshd

and try the same steps.