FTP: Difference between revisions
m (Concatenated and moved "see also" sections to bottom of article. Removed wikilink to non-existent article.) |
(Large cleanup: remove all red links, correct most (if not all) errors, remove page cleanup infobox) |
||
Line 1: | Line 1: | ||
FTP (or '''F'''ile '''T'''ransfer '''P'''rotocol) is a protocol that allows you to transfer files from a server to a client and vice versa (as FTP uses a client-server architecture). FTP is among the oldest protocols as its origins can be traced as far back as 1971 according to [https://en.wikipedia.org/wiki/Ftp#History_of_FTP_servers Wikipedia]. | FTP (or '''F'''ile '''T'''ransfer '''P'''rotocol) is a protocol that allows you to transfer files from a server to a client and vice versa (as FTP uses a client-server architecture). FTP is among the oldest protocols as its origins can be traced as far back as 1971 according to [https://en.wikipedia.org/wiki/Ftp#History_of_FTP_servers Wikipedia]. | ||
Variants of FTP also exist, including SFTP (SSH FTP, not to be confused with Simple FTP) and FTPS (FTP with SSL). SFTP, as the name implies, is done over SSH. FTPS is plain FTP with TLS/SSL encryption. | |||
Alpine Linux has various FTP clients and servers that you can install and use: | Alpine Linux has various FTP clients and servers that you can install and use, including the following: | ||
* {{Pkg|vsftpd}} (server) | * {{Pkg|vsftpd}} (server) | ||
* {{Pkg|ncftp}} (client) | * {{Pkg|ncftp}} (client) | ||
* {{Pkg|lftpd}} (client | * {{Pkg|lftpd}} (client) | ||
Plenty of other clients also exist, but the ones mentioned above are the only ones covered. See [[#Clients]] for more details. | |||
= Servers = | = Servers = | ||
== vsftpd == | == vsftpd == | ||
In Alpine Linux the default FTP server is {{Pkg|vsftpd}}. However, it's not widely used due to common hosting panels not handling it's configuration management. In contrast {{Pkg|vsftpd}} is more secure and doesn't require many updates. | In Alpine Linux the default FTP server is {{Pkg|vsftpd}}. However, it's not widely used due to common hosting panels not handling it's configuration management. In contrast, {{Pkg|vsftpd}} is more secure and doesn't require many updates. | ||
vsftpd claims | vsftpd also claims it's the "most secure and fastest FTP server for UNIX-like systems". It's the default FTP server in NimbleX, Slackware, and many other Linux distributions. In addition, it's also recommended because of relatively easy configuration. | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
! Feature !! Value/Name !! Observations | ! Feature !! Value/Name !! Observations | ||
|- | |- | ||
| | | Package name || vsftpd || <code><nowiki>apk add vsftpd</nowiki></code> | ||
|- | |- | ||
| | | Manpages and <code>-doc</code> packages || vsftpd-doc || <code><nowiki>apk add vsftpd-doc</nowiki></code> | ||
|- | |- | ||
| | | Configuration file || {{Path|/etc/vsftpd/vsftpd.conf}} || The default config is stock from vsftpd | ||
|- | |- | ||
| | | Default Path For Files || {{Path|/var/lib/ftp}} || Because anonymous access is enabled by default, this is the daemon's default home directory | ||
|- | |- | ||
| | | Log Files || {{Path|/var/log/vsftpd.log}} || Configurable in vsftp.conf | ||
|- | |- | ||
| | | User Running The Service || vsftpd || Alpine does '''not''' have an "ftp" user; it uses a group with the same name instead. | ||
|- | |- | ||
| | | Group(s) to common to || vsftpd || Used to share things among others daemons or services, like Redis or Apache | ||
|} | |} | ||
==== Limitations ==== | ==== Limitations ==== | ||
* | * SFTP is not supported | ||
=== Installing vsftpd === | === Installing vsftpd === | ||
To install and run vsftpd, simply run: | |||
<pre> | <pre> | ||
apk add vsftpd | apk add vsftpd | ||
Line 62: | Line 51: | ||
rc-service vsftpd restart | rc-service vsftpd restart | ||
</pre> | </pre> | ||
=== Configuring vsftpd === | === Configuring vsftpd === | ||
The default configuration is not ideal because anonymous access is enabled by default and IPv4 support is only enabled. Therefore, the default configuration should not be considered suitable for production uses. Some common server configuration schemes include allowing anonymous access of files, user system FTP services, and virtual users (on the server end). | |||
Per user FTP files can be supported by special directive in the vsftp.conf file using <code>user_sub_token</code>. For example, this can be set to something like {{Path|/home/$USER/public_ftp}} if we enable it (process are described below in further section "vsftpd configuration" | |||
=== Managing vsftpd === | |||
'''Starting vsftpd''': After the installation {{Pkg|vsftpd}} is not running. As we said in first section, was started already but if you want to start {{Pkg|vsftpd}} manually use: | |||
{{Cmd|rc-service vsftpd start}} | {{Cmd|rc-service vsftpd start}} | ||
If starting vsftpd went OK, you should see output similar to the following: | |||
<pre> | <pre> | ||
Line 88: | Line 72: | ||
</pre> | </pre> | ||
'''Stopping vsftpd''': | '''Stopping vsftpd''': if you want to stop the web server use ''stop'' in the same way of previous command: | ||
{{Cmd|rc-service vsftpd stop}} | {{Cmd|rc-service vsftpd stop}} | ||
'''Restarting or reloading vsftpd''': After changing the configuration file, you must either restart or reload vsftpd in order for the new configuration to take effect. You can | '''Restarting or reloading vsftpd''': After changing the configuration file, you must either restart or reload vsftpd in order for the new configuration to take effect. You can run one of the following commands below to achieve the desired effect: | ||
{{Cmd|rc-service vsftpd restart}} | {{Cmd|rc-service vsftpd restart}} | ||
{{Cmd|rc-service vsftpd reload}} | {{Cmd|rc-service vsftpd reload}} | ||
The latter | The latter reloads vsftpd's configuration file while the former restarts vsftpd entirely. The latter might be preferred as it prevents having to reload vsftpd entirely. | ||
If you ''restarted'' vsftpd, there should be output similar to the following: | |||
<pre> | <pre> | ||
* Stopping vsftpd... [ ok ] | * Stopping vsftpd... [ ok ] | ||
Line 105: | Line 89: | ||
</pre> | </pre> | ||
If you ''reloaded'' vsftpd, the output will be similar to the following instead: | |||
<pre> | <pre> | ||
Line 111: | Line 95: | ||
</pre> | </pre> | ||
'''Using the proper runlevel''': using the "default" runlevel should work in most cases, although there might be custom runlevels present and it might be more desirable to add vsftpd to a runlevel other than "default". However, keep in mind that runlevels aren't present in Docker containers because Alpine is used mostly in Docker. | |||
To add vsftpd to a runlevel, use the following command: | |||
{{Cmd|rc-update add vsftpd [runlevel]}} | |||
Where <code>[runlevel]</code> is the name of the runlevel you want to add the vsftpd service too. For example, if you want to add vsftpd to the "default" run level, run <code>rc-update add vsftpd default</code> | |||
=== Testing vsftpd === | === Testing vsftpd === | ||
This section is assuming that vsftpd is running. At the moment, there might not be | This section is assuming that vsftpd is running. At the moment, there might not be the 'ftp' user allowed or even available, but the server is up and running. | ||
You can use netcat to test if a connection to the server is successful: | |||
{{Cmd|nc -zv server_address}} | {{Cmd|nc -zv server_address}} | ||
Be sure to change <code>server_address</code> with the actual IP address of the server. The common response will be '''OPEN''' if the server is running. | Be sure to change <code>server_address</code> with the actual IP address of the server. The common response will be '''OPEN''' if the server is running. If you receive another response, review your server configuration. | ||
= | = Clients = | ||
Because FTP uses a client-server architecture, you will need an FTP client if you want to interact with an FTP server. Alpine provides several packages for command-line FTP clients: | |||
* {{Pkg|lftp}}. Check out [[#lftp]] | * {{Pkg|lftp}}. Check out [[#lftp]] | ||
* {{Pkg|ncftp}} | * {{Pkg|ncftp}} | ||
If you prefer a graphical client, check out the following: | |||
* {{Pkg|pcmanfm}}. See PCManFM with GVfs]] | |||
Some web browsers also support FTP, although most major such as Chrome and Firefox removed support. | |||
== lftp == | == lftp == | ||
lftp is a sophisticated file transfer program that supports a number of network protocols, including FTP, HTTP, SFTP, FISH, and BitTorrent. It also has the following features: | |||
* | * Job control | ||
* | * Support for bookmarks | ||
* | * Support for a built-in mirror command | ||
* Support for parallel file transfers | |||
* | * <code>readline</code> used for input | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
! Feature !! Value/Name !! Notes | ! Feature !! Value/Name !! Notes | ||
|- | |- | ||
| | | Package Name || lftp || Install: <code><nowiki>apk add lftp</nowiki></code> | ||
|- | |- | ||
| | | Manpages and <code>-doc</code> Packages || vsftpd-doc || Install: <code><nowiki>apk add lftp-doc</nowiki></code> | ||
|- | |- | ||
| Configuration | | System Configuration Files || {{Path|/etc/lftp.conf}} || Little to no customizations are made by Alpine | ||
|- | |- | ||
| | | User Configuration Files || {{Path|~/.lftprc}}, {{Path|~/.lftp/rc}} || The former is read first while the latter is read second if the former was not found. | ||
|} | |} | ||
=== Installing lftp === | === Installing lftp === | ||
To install lftp, run | To install lftp, run <pre>apk add lftp</pre> | ||
<pre> | |||
apk add lftp | |||
</pre> | |||
lftp has been provided in the main repository since Alpine 3.6, so it's a supported package that's ready for production use. | lftp has been provided in the main repository since Alpine 3.6, so it's a supported package that's ready for production use. | ||
Line 182: | Line 158: | ||
=== Configuring lftp === | === Configuring lftp === | ||
The main configuration file, <code><nowiki>/etc/lftp.conf</nowiki></code> comes with different examples and comments. On startup, lftp reads <code>/etc/lftp.conf</code>, <code>~/.lftprc</code>, and <code>~/.lftp/rc</code> | The main configuration file, <code><nowiki>/etc/lftp.conf</nowiki></code> comes with different examples and comments. On startup, lftp reads <code>/etc/lftp.conf</code>, <code>~/.lftprc</code>, and <code>~/.lftp/rc</code> in that exact order. These files are used to set system-wide and user-specific settings. | ||
In | In the configuration file, use the command set followed by the name of the setting followed by its value. Use <code>on</code>/<code>off</code> for boolean values. For example: | ||
<pre> | <pre> | ||
set ftp:ssl-force on | set ftp:ssl-force on | ||
set ssl:verify-certificate on | set ssl:verify-certificate on | ||
set ftp:use-feat off | set ftp:use-feat off | ||
set ftp:ssl-protect-data on | set ftp:ssl-protect-data on | ||
</pre> | </pre> | ||
Specific settings can be set for specific servers only. Append a slash (/) in front of the server name for a specific server. | |||
<pre> | <pre> | ||
Line 204: | Line 178: | ||
</pre> | </pre> | ||
{{Note|The closure for `dns:', `net:', `ftp:', `http:', `hftp:' domain variables is currently just the host name as you specify it in the `open' command (with some exceptions where closure is meaningless, e.g. dns:cache-size). For some `cmd:' domain variables the closure is the current URL without path. For other variables it is not | {{Note|The closure for `dns:', `net:', `ftp:', `http:', `hftp:' domain variables is currently just the host name as you specify it in the `open' command (with some exceptions where closure is meaningless, e.g., dns:cache-size). For some `cmd:' domain variables the closure is the current URL without path. For other variables, it is currently not used. See examples in the sample lftp.conf.}} | ||
=== More on lftp === | === More on lftp === | ||
By default, lftp is not very verbose about operations it performs in the background. If you want more output | By default, lftp is not very verbose about operations it performs in the background. If you want more output, you can use the 'debug' command (without the 'set' command): | ||
* debug 5 will display the full debug output. | * <code>debug 5</code> will display the full debug output. | ||
* debug 3 will only display greeting messages and error messages. | * <code>debug 3</code> will only display greeting messages and error messages. | ||
Note that | Note that using the -d switch from the command line will override any previous debug settings and the full debug output will be displayed. | ||
If you prefer some commands to be called by another name, you can set aliases: | If you prefer some commands to be called by another name, you can set aliases: | ||
lftpd supports aliases in the format <code>alias [name] [command]</code>, where <code>[name]</code> is the name of the lftpd alias and <code>[command]</code> is the name of the lftpd command. A couple of examples are shown below: | |||
<pre> | <pre> | ||
alias dir ls | alias dir ls | ||
alias less more | alias less more | ||
Line 225: | Line 200: | ||
alias reconnect "close; cache flush; cd ." | alias reconnect "close; cache flush; cd ." | ||
alias edit "eval -f "get $0 -o ~/.lftp/edit.tmp.$$ && shell \\"cp -p ~/.lftp/edit.tmp.$$ ~/.lftp/edit.tmp.$$.orig && vim ~/.lftp/edit.tmp.$$ && test ~/.lftp/edit.tmp.$$ -nt ~/.lftp/edit.tmp.$$.orig\\" && put ~/.lftp/edit.tmp.$$ -o $0; shell rm -f ~/.lftp/edit.tmp.$$*" | alias edit "eval -f "get $0 -o ~/.lftp/edit.tmp.$$ && shell \\"cp -p ~/.lftp/edit.tmp.$$ ~/.lftp/edit.tmp.$$.orig && vim ~/.lftp/edit.tmp.$$ && test ~/.lftp/edit.tmp.$$ -nt ~/.lftp/edit.tmp.$$.orig\\" && put ~/.lftp/edit.tmp.$$ -o $0; shell rm -f ~/.lftp/edit.tmp.$$*" | ||
</pre> | </pre> | ||
The last alias | The last alias should all be in one line. It gets a remote file, opens it with vim, and places the modified file back on the server. This can be very convenient when a file needs to be quickly edited and updated on the remote server. | ||
=== Example usage === | === Example usage === | ||
Below is an example of a mult-part download over | Below is an example of a mult-part download over SFTP: | ||
<code>$ lftp -e 'pget -c -n 5 /path/to/file' <nowiki>sftp://username@server</nowiki></code> | <code>$ lftp -e 'pget -c -n 5 /path/to/file' <nowiki>sftp://username@server</nowiki></code> | ||
Breakdown: | |||
* -e: | * -e: execute a command | ||
* pget: | * pget: the command for partial download, in addition to its options: | ||
* -c: | ** -c: option to resume | ||
* -n: | ** -n: option for number of parts | ||
* <nowiki>sftp://username@server</nowiki>: server URL | |||
== PCManFM with GVfs == | == PCManFM with GVfs == | ||
Line 247: | Line 222: | ||
While PCManFM is a file manager, installing the {{Pkg|gvfs}} plugin allows you to use it as a graphical FTP client. To connect to an FTP server, you can do the following: | While PCManFM is a file manager, installing the {{Pkg|gvfs}} plugin allows you to use it as a graphical FTP client. To connect to an FTP server, you can do the following: | ||
# From the menubar | # From the menubar, go to Go > Connect to a server | ||
# Choose the FTP protocol and input your username (path is optional) | # Choose the FTP protocol and input your username (path is optional) | ||
# After a while you will input the password for the username you input | # After a while you will input the password for the username you input | ||
[[File:Ftp-gui-pcmanfm_at_2020-09-11_14-13-03.png]] | [[File:Ftp-gui-pcmanfm_at_2020-09-11_14-13-03.png]] | ||
= See Also = | = See Also = | ||
* [[PXE boot]] | |||
* [[ | * [[Alpine newbie]] | ||
* [[Alpine newbie | |||
* [[Alpine newbie developer]] | * [[Alpine newbie developer]] | ||
[[Category:Newbie]] | [[Category:Newbie]] |
Revision as of 03:58, 9 December 2022
FTP (or File Transfer Protocol) is a protocol that allows you to transfer files from a server to a client and vice versa (as FTP uses a client-server architecture). FTP is among the oldest protocols as its origins can be traced as far back as 1971 according to Wikipedia.
Variants of FTP also exist, including SFTP (SSH FTP, not to be confused with Simple FTP) and FTPS (FTP with SSL). SFTP, as the name implies, is done over SSH. FTPS is plain FTP with TLS/SSL encryption.
Alpine Linux has various FTP clients and servers that you can install and use, including the following:
Plenty of other clients also exist, but the ones mentioned above are the only ones covered. See #Clients for more details.
Servers
vsftpd
In Alpine Linux the default FTP server is vsftpd. However, it's not widely used due to common hosting panels not handling it's configuration management. In contrast, vsftpd is more secure and doesn't require many updates.
vsftpd also claims it's the "most secure and fastest FTP server for UNIX-like systems". It's the default FTP server in NimbleX, Slackware, and many other Linux distributions. In addition, it's also recommended because of relatively easy configuration.
Feature | Value/Name | Observations |
---|---|---|
Package name | vsftpd | apk add vsftpd
|
Manpages and -doc packages |
vsftpd-doc | apk add vsftpd-doc
|
Configuration file | /etc/vsftpd/vsftpd.conf | The default config is stock from vsftpd |
Default Path For Files | /var/lib/ftp | Because anonymous access is enabled by default, this is the daemon's default home directory |
Log Files | /var/log/vsftpd.log | Configurable in vsftp.conf |
User Running The Service | vsftpd | Alpine does not have an "ftp" user; it uses a group with the same name instead. |
Group(s) to common to | vsftpd | Used to share things among others daemons or services, like Redis or Apache |
Limitations
- SFTP is not supported
Installing vsftpd
To install and run vsftpd, simply run:
apk add vsftpd rc-update add vsftpd default rc-service vsftpd restart
Configuring vsftpd
The default configuration is not ideal because anonymous access is enabled by default and IPv4 support is only enabled. Therefore, the default configuration should not be considered suitable for production uses. Some common server configuration schemes include allowing anonymous access of files, user system FTP services, and virtual users (on the server end).
Per user FTP files can be supported by special directive in the vsftp.conf file using user_sub_token
. For example, this can be set to something like /home/$USER/public_ftp if we enable it (process are described below in further section "vsftpd configuration"
Managing vsftpd
Starting vsftpd: After the installation vsftpd is not running. As we said in first section, was started already but if you want to start vsftpd manually use:
rc-service vsftpd start
If starting vsftpd went OK, you should see output similar to the following:
* Caching service dependencies ... [ ok ] * Starting vsftpd... [ ok ]
Stopping vsftpd: if you want to stop the web server use stop in the same way of previous command:
rc-service vsftpd stop
Restarting or reloading vsftpd: After changing the configuration file, you must either restart or reload vsftpd in order for the new configuration to take effect. You can run one of the following commands below to achieve the desired effect:
rc-service vsftpd restart
rc-service vsftpd reload
The latter reloads vsftpd's configuration file while the former restarts vsftpd entirely. The latter might be preferred as it prevents having to reload vsftpd entirely.
If you restarted vsftpd, there should be output similar to the following:
* Stopping vsftpd... [ ok ] * Starting vsftpd... [ ok ]
If you reloaded vsftpd, the output will be similar to the following instead:
* Reloading vsftpd... [ ok ]
Using the proper runlevel: using the "default" runlevel should work in most cases, although there might be custom runlevels present and it might be more desirable to add vsftpd to a runlevel other than "default". However, keep in mind that runlevels aren't present in Docker containers because Alpine is used mostly in Docker.
To add vsftpd to a runlevel, use the following command:
rc-update add vsftpd [runlevel]
Where [runlevel]
is the name of the runlevel you want to add the vsftpd service too. For example, if you want to add vsftpd to the "default" run level, run rc-update add vsftpd default
Testing vsftpd
This section is assuming that vsftpd is running. At the moment, there might not be the 'ftp' user allowed or even available, but the server is up and running.
You can use netcat to test if a connection to the server is successful:
nc -zv server_address
Be sure to change server_address
with the actual IP address of the server. The common response will be OPEN if the server is running. If you receive another response, review your server configuration.
Clients
Because FTP uses a client-server architecture, you will need an FTP client if you want to interact with an FTP server. Alpine provides several packages for command-line FTP clients:
If you prefer a graphical client, check out the following:
- pcmanfm. See PCManFM with GVfs]]
Some web browsers also support FTP, although most major such as Chrome and Firefox removed support.
lftp
lftp is a sophisticated file transfer program that supports a number of network protocols, including FTP, HTTP, SFTP, FISH, and BitTorrent. It also has the following features:
- Job control
- Support for bookmarks
- Support for a built-in mirror command
- Support for parallel file transfers
readline
used for input
Feature | Value/Name | Notes |
---|---|---|
Package Name | lftp | Install: apk add lftp
|
Manpages and -doc Packages |
vsftpd-doc | Install: apk add lftp-doc
|
System Configuration Files | /etc/lftp.conf | Little to no customizations are made by Alpine |
User Configuration Files | ~/.lftprc, ~/.lftp/rc | The former is read first while the latter is read second if the former was not found. |
Installing lftp
To install lftp, run
apk add lftp
lftp has been provided in the main repository since Alpine 3.6, so it's a supported package that's ready for production use.
Configuring lftp
The main configuration file, /etc/lftp.conf
comes with different examples and comments. On startup, lftp reads /etc/lftp.conf
, ~/.lftprc
, and ~/.lftp/rc
in that exact order. These files are used to set system-wide and user-specific settings.
In the configuration file, use the command set followed by the name of the setting followed by its value. Use on
/off
for boolean values. For example:
set ftp:ssl-force on set ssl:verify-certificate on set ftp:use-feat off set ftp:ssl-protect-data on
Specific settings can be set for specific servers only. Append a slash (/) in front of the server name for a specific server.
set ftp:use-feat off /example.com set ftp:ssl-force on /example.com
More on lftp
By default, lftp is not very verbose about operations it performs in the background. If you want more output, you can use the 'debug' command (without the 'set' command):
debug 5
will display the full debug output.debug 3
will only display greeting messages and error messages.
Note that using the -d switch from the command line will override any previous debug settings and the full debug output will be displayed.
If you prefer some commands to be called by another name, you can set aliases:
lftpd supports aliases in the format alias [name] [command]
, where [name]
is the name of the lftpd alias and [command]
is the name of the lftpd command. A couple of examples are shown below:
alias dir ls alias less more alias zless zmore alias bzless bzmore alias reconnect "close; cache flush; cd ." alias edit "eval -f "get $0 -o ~/.lftp/edit.tmp.$$ && shell \\"cp -p ~/.lftp/edit.tmp.$$ ~/.lftp/edit.tmp.$$.orig && vim ~/.lftp/edit.tmp.$$ && test ~/.lftp/edit.tmp.$$ -nt ~/.lftp/edit.tmp.$$.orig\\" && put ~/.lftp/edit.tmp.$$ -o $0; shell rm -f ~/.lftp/edit.tmp.$$*"
The last alias should all be in one line. It gets a remote file, opens it with vim, and places the modified file back on the server. This can be very convenient when a file needs to be quickly edited and updated on the remote server.
Example usage
Below is an example of a mult-part download over SFTP:
$ lftp -e 'pget -c -n 5 /path/to/file' sftp://username@server
Breakdown:
- -e: execute a command
- pget: the command for partial download, in addition to its options:
- -c: option to resume
- -n: option for number of parts
- sftp://username@server: server URL
PCManFM with GVfs
While PCManFM is a file manager, installing the gvfs plugin allows you to use it as a graphical FTP client. To connect to an FTP server, you can do the following:
- From the menubar, go to Go > Connect to a server
- Choose the FTP protocol and input your username (path is optional)
- After a while you will input the password for the username you input