Introduction
- File Transfer Protocol (FTP) is a standard network protocol used to transfer files between a client and a server over a TCP/IP network.
- Linux provides several FTP services that allow secure and efficient file sharing between systems.
FTP Services in Linux
- Linux supports multiple FTP solutions or services, each designed for different security and performance needs.
-
FTP (File Transfer Protocol)
-
FTP is a traditional protocol that allows users to upload and download files from a remote server. It uses:-Port 21 for control commands and Port 20 or random ports for data transfer. However, FTP transmits usernames, passwords, and data in plain text, which makes it insecure.
-
-
FTPS (FTP Secure)
-
FTPS is an extension and advanced form of FTP that adds SSL/TLS encryption. It secures authentication and data transfer but requires certificate management and firewall configuration.
-
-
SFTP (Secure File Transfer Protocol)
-
SFTP is a secure file transfer protocol that works over SSH (Secure Shell). It uses port 22 and encrypts all data, making it the most secure and commonly recommended option in Linux systems.
-
SFTP provides secure authentication and encrypted data transfer. It is easier to configure because it relies on SSH.
-
It is firewall-friendly and widely supported across Linux systems.
-
-
Configuring a Basic FTP Server in Linux
- One of the most popular FTP servers in Linux is vsftpd (Very Secure FTP Daemon).
- To Install vsftpd
- The vsftpd package can be installed using the Linux package manager.
- For example (on Debian/Ubuntu-based Linux systems):
$ sudo apt install vsftpd (press enter)
- To Start and Enable the FTP Service
- After installing vsftpd, the FTP service must be started and enabled to run at boot time.
$ sudo systemctl start vsftpd (press enter)
$ sudo systemctl enable vsftpd (press enter)
- To Configure vsftpd
- The main configuration file of vsftpd is located at: /etc/vsftpd.conf
- Important configuration options include:
anonymous_enable=NO (disables anonymous access).
local_enable=YES (allows local system users to log in).
write_enable=YES (allows users to upload files).
chroot_local_user=YES (restricts users to their home directories).
After modifying/setting the configuration file, the FTP service must be restarted.
$ sudo systemctl restart vsftpd (press enter)
- Firewall Configuration
- The FTP service must be allowed through the firewall.
$ sudo firewall-cmd –add-service=ftp –permanent (press enter)
$ sudo firewall-cmd –reload (press enter)
- Testing FTP Server
- The FTP server can be tested using the ftp command:
$ ftp server_ip_address (press enter)
Users can log in using their provided Linux username and password.
Configuring an SFTP Server in Linux
- SFTP is the preferred file transfer method in Linux because it provides strong security.
- How SFTP Works:
- SFTP operates over the SSH protocol, which means that no separate FTP server is required.
- Data and credentials are fully encrypted.
- It uses port 22.
If SSH is running, SFTP is automatically available.
- Installing and Enabling SSH
- Most Linux systems come pre-installed with OpenSSH.
- To install OpenSSH:
$ sudo apt install openssh-server (press enter)
-
- To start and enable SSH
$ sudo systemctl start ssh (press enter)
$ sudo systemctl enable ssh (press enter)
- Using SFTP Command
- To connect to a remote server using SFTP
$ sftp username@server_ip_address (press enter)
-
- Common SFTP commands used
- ls – list files
- pwd – show current directory
- get filename – download file
- put filename – upload file
- exit – close connection
- Common SFTP commands used
- Restricting SFTP Users
- Linux allows administrators to restrict users to SFTP-only access by editing
$ /etc/ssh/sshd_config (press enter)
-
- After changes, restart SSH to configure completely
$ sudo systemctl restart ssh (press enter)
0 Comments