as for the apache server one can use port 8080 instead of 80. Is something likewise possible for ftp (pureftp in my case) to use something else as 20&21 say 8020&8021 or so. I would like to ftp to my server but it shouldn't be to obvious. Another question I struggle with how to configure ftp & apache in such a way that I can drag and drop files by means a browser on a remote box to upload files to the server after a login. with regards, piet
On Jan 19, piet
as for the apache server one can use port 8080 instead of 80. Is something likewise possible for ftp (pureftp in my case) to use something else as 20&21 say 8020&8021 or so.
I would like to ftp to my server but it shouldn't be to obvious.
Another question I struggle with how to configure ftp & apache in such a way that I can drag and drop files by means a browser on a remote box to upload files to the server after a login. Since you asked on a security list, you'll get a "security" answer: DON'T USE FTP. DON'T USE FTP. DON'T USE FTP.
Apart from being a catastrophic protocol (hard to firewall correctly), it is not encrypted and passwords are transferred in clear text. If you want to offer files for download, use your apache server. If you want to upload files, use ssh/scp/sftp. There are nice drag&drop clients for sftp available for windows (filezilla, winscp). Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \
fair enough, and what kind of server would you recommend with sftp? piet Markus Gaugusch wrote:
On Jan 19, piet
wrote: as for the apache server one can use port 8080 instead of 80. Is something likewise possible for ftp (pureftp in my case) to use something else as 20&21 say 8020&8021 or so.
I would like to ftp to my server but it shouldn't be to obvious.
Another question I struggle with how to configure ftp & apache in such a way that I can drag and drop files by means a browser on a remote box to upload files to the server after a login.
Since you asked on a security list, you'll get a "security" answer: DON'T USE FTP. DON'T USE FTP. DON'T USE FTP.
Apart from being a catastrophic protocol (hard to firewall correctly), it is not encrypted and passwords are transferred in clear text. If you want to offer files for download, use your apache server. If you want to upload files, use ssh/scp/sftp. There are nice drag&drop clients for sftp available for windows (filezilla, winscp).
Markus
fair enough, and what kind of server would you recommend with sftp? The fine thing about sftp is, that it works out-of-the box. It runs over
On Jan 19, piet
The fine thing about sftp is, that it works out-of-the box. It runs over the ssh daemon :)
only bad thing with sftp/scp is, that its not able to resume the transfer of large files, or what about that capability of ftp? on slow lines, huge files, dynamic dial lines and crowded connections, this can be quite of an obstacle to get your data transferred. or is there any news about resume capabilites of sftp and other stuff standard ftp is capable of? otherwise its kinda useless i would say in circumstanced described above.
ah you have something there! I need to upload photoos (as a photographer) so yes the files are large. when abroad I run into all kind of problems mailing them. Usually this is done by means of a mac and then use sagem easy-transfer isdn filetransfer protocol, but I use XP on my laptop and linux at home. Suse never answered my question on the easy transfer protocol support by linux, So I thought to ftp them to my homeserver and then mail them or whatever. piet Andreas Bittner wrote:
The fine thing about sftp is, that it works out-of-the box. It runs
over
the ssh daemon :)
only bad thing with sftp/scp is, that its not able to resume the transfer of large files, or what about that capability of ftp? on slow lines, huge files, dynamic dial lines and crowded connections, this can be quite of an obstacle to get your data transferred.
or is there any news about resume capabilites of sftp and other stuff standard ftp is capable of?
otherwise its kinda useless i would say in circumstanced described above.
Being a photographer I suppose you do not want to optimise the file sizes
as you would lose clarity. So they will by nature be large.
I see your problem.
Jonathan Hughes
Tech Support Specialist
Goodyear South Africa
|--------------------------------------------------------------------------|
|The information in this e-mail contains confidential and / or proprietary |
|information and is intended solely for the addressee. Access to this |
|e-mail by anyone else is unauthorised and may not be copied or |
|disseminated without the express consent of The Goodyear Tire & Rubber |
|Company or one of its subsidiaries. If you are not the intended recipient,|
|any disclosure, copying, distribution or any action taken or omitted in |
|reliance on this, is prohibited and may be unlawful. Whilst all reasonable|
|steps are taken to ensure the accuracy and integrity of information and |
|data transmitted electronically and to preserve the confidentiality |
|thereof, no liability or responsibility whatsoever is accepted if |
|information or data is, for whatever reason, corrupted or does not reach |
|its intended destination. |
|--------------------------------------------------------------------------|
piet
The fine thing about sftp is, that it works out-of-the box. It runs
over
the ssh daemon :)
only bad thing with sftp/scp is, that its not able to resume the transfer of large files, or what about that capability of ftp? on slow lines, huge files, dynamic dial lines and crowded connections, this can be quite of an obstacle to get your data transferred.
or is there any news about resume capabilites of sftp and other stuff standard ftp is capable of?
otherwise its kinda useless i would say in circumstanced described above.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
ah you have something there! I need to upload photoos (as a photographer) so yes the files are large. when abroad I run into all kind of problems mailing them. Usually this is done by means of a mac and then use sagem easy-transfer isdn filetransfer protocol, but I use XP on my laptop and linux at home. Suse never answered my question on the easy transfer protocol support by linux, So I thought to ftp them to my homeserver and then mail them or whatever.
hmm, i even found some patches againt openssh for resume capability, but didnt try so far. http://tinyurl.com/22o5n wonder if the openssh guys will finally include this into their software...
hmm, i even found some patches againt openssh for resume capability, but didnt try so far. http://tinyurl.com/22o5n wonder if the openssh guys will finally include this into their software...
there seems to be some tech trouble regarding the ssh and scp protocols, there is some discussion on that topic here http://marc.theaimsgroup.com/?l=openssh-unix-dev&w=2&r=1&s=resume&q=b
With regard to client software, in SuSE 8.2 the Konqueror windows are fine without added software.
From my experiments, all I did was go into the address bar and instead of a local file location I just put something like...
sftp://our-headoffice.co.uk/home/carl/work-folder
And the relevant files were visible there, with full drag and drop. I
happen to have set up a local identity file and private/public key pair in
my home directory .ssh subfolder plus copied them using sftp to our head
office server in my home directory there .ssh subfolder, public key appended
to authorized_keys so when I log in it's all automatically handled. However
I've tried sites where no public key trust exists and it just asks for a
username password as you'd expect.
Really nice and simple and gives *better* functionality than Windows where
sftp/scp clients have to be run as stand-alone programs!
Regards,
Carl
----- Original Message -----
From: "Andreas Bittner"
hmm, i even found some patches againt openssh for resume capability, but didnt try so far. http://tinyurl.com/22o5n wonder if the openssh guys will finally include this into their software...
there seems to be some tech trouble regarding the ssh and scp protocols, there is some discussion on that topic here
http://marc.theaimsgroup.com/?l=openssh-unix-dev&w=2&r=1&s=resume&q=b
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
I need to upload photoos (as a photographer) so yes the files are large. when abroad I run into all kind of problems mailing them.
Usually this is done by means of a mac and then use sagem easy-transfer isdn filetransfer protocol, but I use XP on my laptop and linux at home.
This is off-topic, however, what about using something like php to upload files? All you need then is a password protected server script on your target machine to upload the files via HTTP(S?). Save messing about with FTP. Just my 2 cents. Regards - Keith Roberts
You might look into using rsync over ssh. You will then get the best of both worlds: ssh for security, and rsync for block level copying and resuming of failed partial transfers. piet wrote:
ah you have something there! I need to upload photoos (as a photographer) so yes the files are large. when abroad I run into all kind of problems mailing them.
Usually this is done by means of a mac and then use sagem easy-transfer isdn filetransfer protocol, but I use XP on my laptop and linux at home.
Suse never answered my question on the easy transfer protocol support by linux, So I thought to ftp them to my homeserver and then mail them or whatever. piet
Andreas Bittner wrote:
The fine thing about sftp is, that it works out-of-the box. It runs
over
the ssh daemon :)
only bad thing with sftp/scp is, that its not able to resume the transfer of large files, or what about that capability of ftp? on slow lines, huge files, dynamic dial lines and crowded connections, this can be quite of an obstacle to get your data transferred.
or is there any news about resume capabilites of sftp and other stuff standard ftp is capable of?
otherwise its kinda useless i would say in circumstanced described above.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 19 January 2004 10:06 pm, Brandon Hines wrote:
You might look into using rsync over ssh. You will then get the best of both worlds: ssh for security, and rsync for block level copying and resuming of failed partial transfers.
Even better, Unison has a GUI, does 2-way sync, lets you merge changes in individual files, runs over ssh, and runs on Windows. It's on the SUSE DVD/ CDs. See http://www.cis.upenn.edu/~bcpierce/unison/ - -- James Oakley Engineering - SolutionInc Ltd. joakley@solutioninc.com http://www.solutioninc.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQFADU4j+FOexA3koIgRAuZ6AJ92dIyhbjlW3gAVtMve4M5YwwCScQCgpjlG H3Nc0TSEahB0gy5L29LSdPE= =nThC -----END PGP SIGNATURE-----
DON'T USE FTP. DON'T USE FTP. DON'T USE FTP.
Apart from being a catastrophic protocol (hard to firewall correctly), it is not encrypted and passwords are transferred in clear text. If you want to offer files for download, use your apache server. If you want to upload files, use ssh/scp/sftp. There are nice drag&drop clients for sftp available for windows (filezilla, winscp).
There are some ftp-daemons that use encrypted passwd as well. If you use pasv mode only ports 20:21 are used. If you use vsftpd you will be able to controll high ports used by the daemon and so on and so on. So why not use ftp (only with limited user rights). Philippe P.S.: Yes I know what you can do nice things with ftp :-)
* Philippe Vogel;
There are some ftp-daemons that use encrypted passwd as well. If you use pasv mode only ports 20:21 are used. If you use vsftpd you will be able to controll high ports used by the daemon and so on and so on.
So why not use ftp (only with limited user rights).
Also consider using SuSE proxy-suite you can even fine tune the commands that can pass to your ftp server along with other controls -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer Please reply to the list; http://susefaq.sf.net Please don't CC me.
Their should be a default free email client installed/avaliable on your
SUSE installation CD's or you can find an RPM on the Internet - something
like Kftp - that will act like WIndows Explorer. If I remeber correctley
this will allow for drag and drop file copies or at least far simpler than
using the command line.
For the ftp port - you should be able to specify a different port in the
config (probably located in or under the /etc directory) file. May be
worth checking and adding the custom port (try anything over 6000 for
safety) in the services file in the /etc directory.
I am not a Linux boffin so check the list for anyone who has better insight
or advise as I may not be 100% spot on. I am primarily a Red Hat 9.0 user
who is busy migrating to / additional using / also using SUSE.
Good luck..
Jonathan Hughes
Tech Support Specialist
Goodyear South Africa
|--------------------------------------------------------------------------|
|The information in this e-mail contains confidential and / or proprietary |
|information and is intended solely for the addressee. Access to this |
|e-mail by anyone else is unauthorised and may not be copied or |
|disseminated without the express consent of The Goodyear Tire & Rubber |
|Company or one of its subsidiaries. If you are not the intended recipient,|
|any disclosure, copying, distribution or any action taken or omitted in |
|reliance on this, is prohibited and may be unlawful. Whilst all reasonable|
|steps are taken to ensure the accuracy and integrity of information and |
|data transmitted electronically and to preserve the confidentiality |
|thereof, no liability or responsibility whatsoever is accepted if |
|information or data is, for whatever reason, corrupted or does not reach |
|its intended destination. |
|--------------------------------------------------------------------------|
piet
participants (10)
-
Andreas Bittner
-
Brandon Hines
-
Carl Peto
-
James Oakley
-
jonathan_hughes@goodyear.co.za
-
Keith Roberts
-
Markus Gaugusch
-
Philippe Vogel
-
piet
-
Togan Muftuoglu