ch48.htm

linux-unix130.linux.and.unix.ebooks130 linux and unix ebookslinuxLearning Linux - Collection of 12 E

<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->





<font face="Arial,Helvetica" size="-1" color="#006666">
<b>Linux</b></font><p>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">





 












<UL>

	<LI><A HREF="#Heading1">- 48 -</A>

	<UL>

		<LI><A HREF="#Heading2">FTP and Anonymous FTP Sites</A>

		<UL>

			<LI><A HREF="#Heading3">What Is FTP?</A>

			<UL>

				<LI><A HREF="#Heading4">Using FTP</A>

				<LI><A HREF="#Heading5">How FTP Uses TCP</A>

			</UL>

			<LI><A HREF="#Heading6">Configuring FTP</A>

			<UL>

				<LI><A HREF="#Heading7">Setting Up ftpd</A>

				<LI><A HREF="#Heading8">FTP Logins</A>

				<LI><A HREF="#Heading9">Setting Up the Directories</A>

				<LI><A HREF="#Heading10">Setting Permissions</A>

				<LI><A HREF="#Heading11">Test the System</A>

			</UL>

			<LI><A HREF="#Heading12">A More Secure FTP</A>

			<UL>

				<LI><A HREF="#Heading13">Checklist: Protecting an Anonymous FTP System</A>

			</UL>

			<LI><A HREF="#Heading14">Summary</A>

		</UL>

	</UL>

</UL>



<P>

<HR SIZE="4">



<H2 ALIGN="CENTER"><A NAME="Heading1<FONT COLOR="#000077">- 48 -</FONT></H2>

<H2 ALIGN="CENTER"><A NAME="Heading2<FONT COLOR="#000077">FTP and Anonymous

FTP Sites</FONT></H2>

<P><I>by Tim Parker</I></P>

<P>IN THIS CHAPTER</P>



<UL>

	<LI>What Is FTP? 

	<P>

	<LI>Configuring FTP 

	<P>

	<LI>A More Secure FTP 

</UL>



<P>Snap question: What is the most widely used TCP/IP and Internet service? If you

answered FTP, you're right. (If you didn't choose FTP, this may come as a bit of

a surprise. The fact is, FTP remains the most widely used service; although the World

Wide Web is quickly catching up.) FTP's popularity is easy to figure: The FTP software

is supplied with every version of UNIX and Linux; it's easy to install, configure,

and use; and it gives users access to a wealth of information with very little effort.</P>



<P>If all you want to use FTP for is connecting to another machine and transferring

files, then you don't have to do much more than enable the FTP service on your system.

Much more interesting to many users is turning your Linux machine into an FTP site,

where others can connect and obtain files you make available. That's the primary

focus of this chapter--setting up an FTP site on your Linux machine. We'll begin,

though, with a quick look at using FTP and the way FTP runs on TCP. This information

should help you understand how FTP works and what it does with TCP/IP.

<H3 ALIGN="CENTER"><A NAME="Heading3<FONT COLOR="#000077">What Is FTP?</FONT></H3>

<P>The File Transfer Protocol (FTP) is one protocol in the TCP/IP family used to

transfer files between machines running TCP/IP. (FTP-like programs are also available

for some other protocols.) The File Transfer Protocol allows you to transfer files

back and forth and manage directories. FTP is not designed to allow you access to

another machine to execute programs, but it is the best utility for file manipulation.

To use FTP, both ends of a connection must be running a program that provides FTP

services. The end that starts the connection (the client) calls the other end (the

server) and establishes the FTP protocol through a set of handshaking instructions.</P>

<P>Usually, when you connect to a remote system via FTP, you must log in. This means

you must be a valid user, with a user name and password for that remote machine.

Because it is impossible to provide logins for everyone who wants to access a machine

that enables anyone to gain access, many systems use &quot;anonymous FTP&quot; instead.

Anonymous FTP enables anyone to log in to the system with the login name of &quot;<TT>ftp</TT>&quot;

or &quot;<TT>anonymous</TT>&quot; with either no password, or an e-mail address for

their local system.

<H4 ALIGN="CENTER"><A NAME="Heading4<FONT COLOR="#000077">Using FTP</FONT></H4>

<P>Using FTP to connect to a remote site is easy. You have access to the remote machine

either through the Internet (directly or through a service provider) or through a

local area network if the remote machine is directly reachable. To use FTP, you start

the FTP client software and provide the name of the remote system you want to connect

to. For example, assuming you can get to the remote machine through a LAN or the

Internet (which knows about the remote machine thanks to Domain Name Service), you

issue the following command:<FONT COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">ftp chatton.com

</FONT></PRE>

<P>This will instruct your FTP software to try to connect to the remote machine <TT>chatton.com</TT>

and establish an FTP session.</P>

<P>When the connection is completed (and assuming the remote system allows FTP logins),

the remote will prompt for a user ID. If anonymous FTP is supported on the system,

a message will usually tell you exactly that. The following is for the Linux FTP

archive site <TT>sunsite.unc.edu</TT>:

<PRE><FONT COLOR="#0066FF">ftp sunsite.unc.edu

331 Guest login ok, send your complete e-mail address as password.

Enter username (default: anonymous): anonymous

Enter password [tparker@tpci.com]: 

|FTP| Open

230-       WELCOME to UNC and SUN's anonymous ftp server

230-            University of North Carolina

230-           Office FOR Information Technology

230-               SunSITE.unc.edu

230 Guest login ok, access restrictions apply.

FTP&gt;

</FONT></PRE>

<P>After the login process is completed, you will see the prompt <TT>FTP&gt;</TT>

indicating the remote system is ready to accept commands.</P>

<P>When you log on to some systems, you may see a short message that contains instructions

for downloading files, any restrictions that are placed on you as an anonymous FTP

user, or information about the location of useful files. For example, you may see

messages like these (taken from the Linux FTP site):<FONT COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">To get a binary file, type: BINARY and then: GET &quot;File.Name&quot; newfilename

To get a text file, type:  ASCII and then: GET &quot;File.Name&quot; newfilename

Names MUST match upper, lower case exactly. Use the &quot;quotes&quot; as shown.

To get a directory, type: DIR. To change directory, type: CD &quot;Dir.Name&quot;

To read a short text file, type: GET &quot;File.Name&quot; TT 

For more, type HELP or see FAQ in gopher.

To quit, type EXIT or Control-Z. 



230- If you email to info@sunsite.unc.edu you will be sent help information

230- about how to use the different services sunsite provides.

230- We use the Wuarchive experimental ftpd. if you &quot;get&quot; &lt;directory&gt;.tar.Z 

230- or &lt;file&gt;.Z it will compress and/or tar it on the fly. Using &quot;.gz&quot; instead

230- of &quot;.Z&quot; will use the GNU zip (/pub/gnu/gzip*) instead, a superior 

230- compression method.

</FONT></PRE>

<P>Once you are logged on the remote system, you can use familiar Linux commands

to display file contents and move around directories. To display the contents of

a directory, for example, use the <TT>ls</TT> command (some systems support the DOS

equivalent <TT>dir</TT>). To change to a subdirectory, use the <TT>cd</TT> command.

To return to the parent directory (the one above the current directory), use the

<TT>cd ..</TT> command. As you can see, these commands are the same as you would

use on your local machine, except you are now navigating on the remote system.</P>

<P>There are no keyboard shortcuts (such as pressing the Tab key to fill in names

that match) available with FTP. This means you have to type in the name of files

or directories in their entirety (and correctly). If you misspell a file or directory

name, you will get error messages and have to try again. Luckily, if you are performing

the FTP session through X Window, you can cut and paste lines from earlier in your

session.</P>

<P>Transferring files is the whole point of FTP, so you need to know how to retrieve

a file from the remote system, as well as how to put a new file there. When you have

moved through the remote system's directories and have found a file you want to transfer

back to your local system, use the <TT>get</TT> command. This is followed by the

filename. For example:<FONT COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">get &quot;soundcard_driver&quot;

</FONT></PRE>

<P>This will transfer the file <TT>soundcard_driver</TT> from the remote machine

to the current directory on your local machine. When you issue a <TT>get</TT> command,

the remote system will transfer data to your local machine and display a status message

when it is completed. There is no indication of progress when a large file is being

transferred, so be patient. (Most versions of FTP allow you to use the <TT>hash</TT>

option, which displays pound signs every time a kilobyte of information has been

transferred. This can be used to show that the transfer is underway, but it doesn't

offer a time to completion.)<FONT COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">FTP&gt; get &quot;file1.txt&quot;

200 PORT command successful.

150 BINARY data connection for FILE1.TXT (27534 bytes)

226 BINARY Transfer complete.

27534 bytes received in 2.35 seconds (12 Kbytes/s).

</FONT></PRE>

<P>If you want to transfer a file the other way (from your machine to the remote,

assuming you are allowed to write to the remote machine's file system), use the <TT>put</TT>

command in the same way. The command<FONT COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">put &quot;comments&quot;

</FONT></PRE>

<P>will transfer the file comments from your current directory on the local machine

(you can specify full pathnames) to the current directory on the remote machine (unless

you change the path).</P>

<P>The commands <TT>get</TT> (download) and <TT>put</TT> (upload) are always relative

to your home machine. You are telling your system to get a file from the remote and

put it on your local machine, or to put a file from your local machine onto the remote

machine. (This is the exact opposite of <TT>telnet</TT>, which has everything relative

to the remote machine. It is important to remember which command moves in which direction,

or you could overwrite files accidentally.)</P>

<P>The quotation marks around the filenames in the preceding examples are optional

for most versions of FTP, but they do prevent shell expansion of characters, so it's

best to use them. For most files, the quotation marks are not needed, but using them

is a good habit to get into.</P>

<P>Some FTP versions provide a wildcard capability using the commands <TT>mget</TT>

and <TT>mput</TT>. Both the FTP <TT>get</TT> and <TT>put</TT> commands usually transfer

only one file at a time, which must be completely specified (no wildcards). The <TT>mget</TT>

and <TT>mput</TT> commands enable you to use wildcards. For example, to transfer

all the files with a <TT>.doc</TT> extension, you could issue this command:<FONT

COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">mget *.doc

</FONT></PRE>

<P>You will have to try the <TT>mget</TT> and <TT>mput</TT> commands to see if they

work on your FTP version. (Some FTP <TT>get</TT> and <TT>put</TT> commands allow

wildcards, too, so you can try wildcards in a command line to see if they work, instead.)</P>

<P>FTP allows file transfers in several formats, which are usually system dependent.

The majority of systems (including Linux systems) have only two modes: ASCII and

binary. Some mainframe installations add support for EBCDIC, while many sites have

a local type that is designed for fast transfers between local network machines (the

local type may use 32- or 64-bit words).</P>

<P>The difference between the binary and ASCII modes is simple. Text transfers use

ASCII characters separated by carriage return and new-line characters. Binary mode

allows transfer of characters with no conversion or formatting. Binary mode is faster

than text and also allows for the transfer of all ASCII values (necessary for non-text

files). FTP cannot transfer file permissions because these are not specified as part

of the protocol.</P>

<P>Linux's FTP provides two modes of file transfer: ASCII and binary. Some systems

automatically switch between the two when they recognize a file is binary format,

but you shouldn't count on the switching unless you've tested it before and know

it works. To be sure, it is a good idea to manually set the mode. By default, most

FTP versions start up in ASCII mode, although a few start in binary.</P>

<P>To set FTP in binary transfer mode (for any executable file or file with special

characters embedded for spreadsheets, word processors, graphics, and so on), type

the command<FONT COLOR="#0066FF"></FONT>

<PRE><FONT COLOR="#0066FF">binary

</FONT></PRE>

<P>You can toggle back to ASCII mode with the command <TT>ascii</TT>. Since you will

most likely be checking remote sites for new binaries or libraries of source code,

it is a good idea to use binary mode for most transfers. If you transfer a binary

file in ASCII mode, it will not be usable on your system.</P>

<P>ASCII mode includes only the valid ASCII characters and not the 8-bit values stored

in binaries. Transferring an ASCII file in binary mode does not affect the contents

except in very rare instances.</P>

<P>To quit FTP, type the command <TT>quit</TT> or <TT>exit</TT>. Both will close

your session on the remote machine, and then terminate FTP on your local machine.

Users have a number of commands available within most versions of FTP. The following

list outlines the ones most frequently used: 

<TABLE BORDER="0">

	<TR ALIGN="LEFT" rowspan="1">

		<TD WIDTH="58" ALIGN="LEFT"><TT>ascii</TT> </TD>

		<TD ALIGN="LEFT">Switches to ASCII transfer mode </TD>

	</TR>

	<TR ALIGN="LEFT" rowspan="1">

		<TD WIDTH="58" ALIGN="LEFT"><TT>binary</TT> </TD>

		<TD ALIGN="LEFT">Switches to binary transfer mode </TD>

	</TR>

	<TR ALIGN="LEFT" rowspan="1">