Posts Tagged FTP

FTP server on Ubuntu

OpenSSH includes sftp server if openSSH is installed in a Ubuntu system. No need to install another ftp server, such as vsftpd, which is nice for virtual ftp users. If there is no need for virtual FTP server, do not bother to install it. Just use the openSSH SFTP server. Common FTP clients, like filezilla, include SFTP protocol. It is very easy to setup and use. It requires users have SSH access of the system to use SFTP otherwise it cannot be used.

Share

Tags: , , ,

FileApp – a useful tool for file transfer between iPod/iPhone and PCs

FileApp is a free app in iTune store. After I got it and tried a little bit. By following the app maker’s suggestions, I went their website and downloaded DiskAid, which is a paid application. I tried it and found its functions are just so so. Unwilling to pay for the application, my only choice is to use either iTune or FTP.

First let us explore the FTP solution.In the FileApp side, it is straight forward. After you open the app, tap the middle button on the top right corner, it looks like a wireless beam. When the sharing screen appears, tap WIFI button in the middle, the bottom part of the screen switch to Wi-Fi connection. There will be a LAN ip address with a port number, for example, ftp://192.168.2.22:2121, in which 2121 is the port number. When you setup the connection in your FTP client, you have to change the default port number 21 to 2121. The ip address is 192.168.2.22 in this case. In Windows, there are plenty of free FTP clients. I found one at http://www.coreftp.com/. It provides enough functions you need.

Second, let us look at the iTune solution. After you plug in your iPod/iPhone to your PC, you can use iTunesʼ built-in interface for ʻFile Sharingʼ to add and remove files from your iPod/iPhone.  Start iTune, select your device, and go to the ʻAppsʼ section at the bottom of the screen. You will find a list of Apps, select “FileApp”, then at the right hand side, you can see the file and folder list. At the bottom of the box, there are two button allow you add or remove files. See the following screen shot.

Enjoy your iPod/iPhone and FileApp and forget DiskAid.

Share

Tags: , , , , , , , ,

User guide of NSLU2 file/web server


1. Introduction
2. Installation and configuration
3. FTP server
4. Web server
5. SSH server
6. Port forwarding

1. Introduction

Currently more and more families subscribe broadband Internet services, either Cable or DSL. In general, every family has more than one computer. To share hardware and software resources at home, such as hard drive, photos, music, software and so on, a dedicated computer as a file and/or web server has to run all the time, at least during the day time. More people are willing to have their own private web server running within their LANs. The problem is that a dedicated computer is not an energy- and cost-efficient solution. How can we obtain a more reasonable solution of a file and/or web server at home? A smart and practical solution of absolutely cost-efficient, energy saving and private file and/or web server is provided here for home networks. Linksys has a product called Network Storage Link for USB 2.0 Disk Drives (NSLU2). This device has two USB ports that you can plug external hard drives or flash drives. It provides a basic platform to create a cost-efficient and energy saving file and/or web server. The second component we need is a flash drive with 1 GB or more storage capacity. The third component is a customized firmware that allows us to install and configure software in a NSLU2 device. In the public domain, a user community called nslu2-linux-org makes enormous efforts to develop alternative firmware for NSLU2 devices. Unfortunately, a large group of people are not familiar with Linux and do not have experience to flash NSLU2 devices with the newly developed UNSLUG firmware.

Here is a customized NSLU2 with web server, file server, ftp server, and SSH server installed (see Figure 1). The customized system use FTP client to transfer and manage all files on the web server. In addition, usage of the web server is summarized and every 6 hours by Webalizer application. You can view the daily and monthly usage of your web server. By browsing these daily updated web pages you can easily monitor how your web server is used. If you like, you can make your web server available in the Internet by configuring your router properly. As a plus, you still can plug another external hard drive (formatted in NTFS Windows format) to the device and share it in your home network. This user manual describes how to use its web/ftp/ssh servers. You can evaluate the efficiency and speed of the web server by visiting http://www.sunfinedata.com/. It was constructed by the exactly same method. Plus, you can learn basic Linux commands by SSHing into the NSLU2 because a customized Linux operation system is running on it.


Figure 1. Components of the NSLU2 file/web server

Back to Content

2. Installation and configuration
A. Plug the Flash Drive

NSLU2 has two USB ports. You should plug the flash drive to the Disk 2 port at all the time. Do not try to plug it to Disk 1 port. The Disk 1 port is prepared for a NTFS format USB drive. So make sure that the flash drive is plugged into the Disk 2 port. The flash drive was formatted to Linux EXT3 format. It is totally different from the Windows partition formats (such as FAT16/32, NTFS). So do not try read and write files to your flash drive on any Windows PC.

B. Connect the device to your router and find its IP address

Use a RJ45 Ethernet cable to connect your device to your router. Since the default IP address of the device is set to dynamic, you can get its IP address in the clients table of your router. A sample client table could look like Figure 2. In this case, the IP address of the Linksys device (named LKG7E5076, your device will have different name) is 192.168.2.4.


Figure 2. Sample clients table in a router

C. Use web interface

The Linksys NSLU2 default username (admin) and password (admin) for the web interface are preserved. We recommend you to change the password to something meaningful to you. That will increase the security of the server if you expose it to the Internet.


Figure 3. The home page of the NSLU2 web interface
Use your web browser to visit the IP address (192.168.2.4) that is shown in the client table of your router. The home page of the NSLU2 will show up (see Figure 3). In the page, you can see the following important information:

Server nameLKG7E5076
Firmware version:V2.3R63-uNSLUng-6.8-beta
IP address192.168.2.4
USB port 1:Not installed (that means nothing is plugged in this port)
USB port 2:Ready, 729MB (94% Free) (This tells us that there is a disk attached to this port. The data partition has 729MB space of which 94% is free)

At the bottom of this page, you can find one line of message like ‘uNSLUng status: Unslung to disk 2, /dev/sda1’. That tells us the filesystem of the flash drive is running.

D. Change IP address setting

Through the web interface of the Linksys NSLU2, you can change the IP address configuration of the device. The following picture shows the web pages used to do the work. The customized NSLU2 server comes with dynamic IP address because you can easily find it in your LAN. Once you connect the device to your router, the first thing you need do is to change the IP address to a fixed one according your LAN setting. Please refer your router’s manual and NSLU2 original manual to do it. Figure 4 shows the current IP address setting and Figure 5 shows the changed setting.


Figure 4. The interface used to set the IP address of the NSLU2 device


Figure 5. Set a fixed IP address

Back to Content

3. FTP server

The customized device has FTP server enabled. Any normal account created through the NSLU2 web interface can connect to the FTP server remotely. To create a user account or change the password of existing accounts, please follow the NSLU2 original user guide. Figure 6 shows a sample view after connected to the NSLU2 device through the admin account. That is why I emphasize that you have to change the password of the admin account if you plan to expose your server to the Internet. An FTP account is set specifically for web server. Both the user name and password of the account are wwwroot.


Figure 6. A sample view of FTP server of the NSLU2 in a FTP client

Back to Content

4. Web server

There are two threads of thttpd web server running in the customized NSLU2. The web interface of the NSLU2 device is running on port 80. The user web server is running on port 8080. After you connect your device to your network and determine its IP address, you can look at the web server running at port 8080. Launch your web browser and enter http://192.168.2.4:8080/ to visit the user web server. Figure 7 shows the default web page for the user web server of the customized NSLU2. Please pay attention the above URL link. Since the default http port (80) is used for NSLU2’s web interface, we have to indicate the port that a web server is running for the user web server space. The port information is important for port forwarding, too. The default web page (index.html) on the user web server should be overwritten or deleted if you use a different file, such as index.htm. You can upload all files of your website through any FTP clients. The username and password for your web server are wwwroot. All web pages should be uploaded to wwwroot directory (see Figure 8). To share your web server through the Internet, you have to configure your router. Add the server IP address and the port 8080 to the forwarding IP list (see the port forwarding section for detail).


Figure 7. The default page for the user web server of the customized NSLU2


Figure 8. The initial FTP client window after connected the FTP server

Back to Content

5. SSH server

An SSH server is running in the customized NSLU2 device. That allows you log in the server and do configuration and install new packages. PuTTY is a free telnet/SSH client. You can use it to connect to any telnet server and SSH server. The following two links have PuTTY client program for downloading.

http://www.chiark.greenend.org.uk/~sgtatham/putty/

putty

Figure 9 shows a typical PuTTY configuration window. Every time the program is started, the window will pop up first. What you can do is type your server’s IP address in the Host name (or IP address) textbox and select the protocol type. If you use a telnet server, please select Telnet radio button, the port number will automatically change to 21. If you use an SSH server, please select SSH radio button, the port number will automatically change to 22. Click Open button to connect to the server. If this is your first time to log on this SSH server, an alert window will pop up first (see Figure 10). What you can do is to click Yes button to continue. Then a terminal window will pop up (See Figure 11). Within this window, you can enter the root username (root) and password (uNSLUng) to log in the device. You can always login as root. We suggest that you create a new user for normal maintenance of NSLU2.


Figure 9. A typical PuTTY configuration window


Figure 10. A security warning window when you connect to the SSH server first time


Figure 11. The normal terminal window after you log in the device

Back to Content

6. Port forwarding

If you are intending to expose your servers to the Internet, you have to study your router’s user manual and find a way to set port forwarding. Table 1 lists the port and protocol of different servers running in the NSLU2. They are useful when you set port forwarding in your router.

Table 1 Port information of different services for access from the Internet

Server Port LAN IP Protocol
FTP 21 Your device IP address TCP
HTTP 8080 Your device IP address TCP
SSH 22 Your device IP address TCP

The port forwarding function is different from router to router. Here we give two examples of port forwarding based on a USR 5461 router and an ActionTec DSL modem (see Figure 12 and Figure 13). For detail steps you should check the user guide of your router.


Figure 12 Port forwarding section in a USR 5461 router


Figure 13 Port forwarding section in ActionTec DSL modem

Back to Content

Reference

Share

Tags: , , , , , , , ,

Use MySQL to handle VSFTPD virtual users on Debian/Ubuntu System

VSFTPD is a secure, robust FTP server on Unix/Linux system. It not only can handle local users but also virtual users. Virtual users have to use username and password to access ftp server instead of anonymous user. I helped to set a VSFTPD server recently to handle virtual users on a Debian/Ubuntu server system. It took me a while to get everything fixed. I’d like to write down all bits I encountered and went through. Hopefully it is useful to new comers. The main idea and configuration was from the two reference posts listed at the end of the article. The authors of these articles should get major credits. I just read and modified what they suggested and combined them together.

Install and configure VSFTPD

On a Debian/Ubuntu server system, it is pretty easy to install vsftpd server package. If you are not sure the package name please use apt-cache search to search package database. The following Linux command can easily install VSFTPD to your system.

# apt-get install vsftpd

Once installation is done, you can rename the default vsftpd.conf file to a different name and create a new one with the following content.

/etc/vsftpd.conf

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ftpd_banner=Hello.
pam_service_name=vsftpd
listen=YES
tcp_wrappers=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
guest_enable=YES
guest_username=vsftpdguest
user_sub_token=$USER
local_root=/home/vsftpdguest/$USER
virtual_use_local_privs=YES
chroot_local_user=YES

Now you should create a local user as a representative for all vritual users in your system.

# useradd -s /bin/false -d /home/vsftpdguest vsftpdguest

The home directory of this user is /home/vsftpdguest and has no shell console access privilege. It is specifically for handling virtual ftp users. For all virtual users, you have to create a folder with same name as user name for each virtual user under /home/vsftpdguest. We will create a virtual user call ‘vuser_1’ in next step. Let use create a folder for it.

# mkdir /home/vsftpdguest/vuser_1

Create MySQL database and populate it

I assume that MySQL server is already installed on the same machine. To reduce errors, do not manual type your commands. Copy and paste the vsftpd.sql file to your system and edit it based on your need. Then run mysql command as the following with your root password for MySQL server.

# mysql -u root -p
vsftpd.sql

/* create database */
CREATE DATABASE IF NOT EXISTS `vsftpdvu`;
/* create users table in the database */
CREATE TABLE `users` (
  `name` char(16) character NULL,
  `passwd` char(41) default NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
/* insert a new virtual user */
INSERT INTO `users` VALUES
  ('vuser_1',password('temppasswd1'));
/* create new database user */
grant select on vsftpdvu.users to vsftpdguest@localhost identified by 'temppasswd';

Test the new database user ‘vsftpdguest’ on vsftpdvu database. If everything works out correctly, you should see virtual user ‘vuser_1’.

# mysql -u vsftpdguest -ptemppasswd vsftpdvu
mysql> select * from users;
mysql> quit

Install libpam_mysql and setup PAM authorization method

In order to use MySQL database to handle virtual users for the ftp server, you have to install pam_mysql module, a PAM module allowing authentication from a MySQL server.

# apt-get install libpam-mysql

The pam_mysql.so lib will be installed to /lib/security/. Then copy and paste the following two rows to replace the content of your /etc/pam.d/vsftpd. The original content in the vsftpd file is for local user authorization. See my comment at the end for reason to do this.

/etc/pam.d/vsftpd

auth required /lib/security/pam_mysql.so user=vsftpdguest passwd=temppasswd1 host=localhost db=vsftpdvu table=users usercolumn=name passwdcolumn=passwd crypt=2
account required /lib/security/pam_mysql.so user=vsftpdguest passwd=temppasswd1 host=localhost db=vsftpdvu table=users usercolumn=name passwdcolumn=passwd crypt=2

Test FTP server inside out

Now you have a brand new FTP server to handle all virtual users. Let us test the server and make sure it works properly. First of all, restart the vsftpd server.

# /etc/init.d/vsftpd restart

Test the ftp server locally.

# ftp 127.0.0.1
Connected to 127.0.0.1.
220 Hello.
User (127.0.0.1:(none)): vuser_1
331 Please specify the password.
Password:
230 Login successful.
ftp>

Additional comments

The FTP server we setup here can exclusively handle virtual users, not local users. You need setup different server to handle the two groups of users, not both simultaneously. I read a lot of threads on different forums asking about how to set VSFTPD to handle both groups of users simultaneously. It is not possible for security sake.

Reference

  1. VSFTPD Problems – Virtual Users
  2. Setup Virtual Users and Directories in VSFTPD
Share

Tags: , , , , , , ,