Dragging and dropping files from a Windows Explorer window make FTP a viable alternative to LinNeighbourhood for those that are having problem with it.
I decided to use BetaFTPD and built version 0.0.8pre17 which is supposed to be better and more stable than the latest official release of 0.0.7
I had to modify the source to make it build on my machine, so I will make a sourcerer package once I know how.
In the process I and others on this board that tested the early port found a number of potential security risks that I wasn't willing to leave in the software, so I made a number of changes to improve security.
I would now feel comfortable using it for anonymous ftp on my own machine, although I wouldn't claim it is as "industrial strength" as some of the much larger alternatives like wu-ftpd, pure-ftpd, vs-ftpd, etc...
EDITED AGAIN: now version betaftpd-0.0.8pre17-pup-4
This is a security enhanced version:
- users only have access to their home directory,
- fixed a bug that could reset the "download only" mode for anonymous when changing logging state.
- tweaked some file permissions
- now denies shell access to user "ftp"
- new and improved manual with example of use (thanks Nathan F. for html formatting)
To make starting/stopping/configuring the server more easily I wrote a "Control Center" application accessible from the start menu:
Here's the text version of the help file. The package contains an nicer html verion, and I am planning on transfer Nathan F/'s even prettier version to the wiki. I just didn;t want the help file to end up larger than the app itself because of too many pictures.
Code: Select all
**** BetaFTPD 0.0.pre17-pup-4 for puppy linux ****
Overview:
=========
BetaFTPD is a single-threaded FTP daemon.
The single-threadedness makes it faster than most other FTP daemons (contrary
to common belief), and makes it extremely light on memory. Although it lacks
a few functions (which you probably won't miss).
Version 0.0.18pre17 is more stable than the latest official release (0.0.7)
Homepage: http://betaftpd.sourceforge.net/
Original by Steinar H. Gunderson <sgunderson@bigfoot.com>
Port to puppy linux, download-only mode and Control Center by papaschtroumpf.
Use of *any* FTP Server can present a security risk if your computer is
open to the Internet. Use at your own risk.
Usage:
======
(if you are new to FTP, you may want to scroll down to the "Why an FTP Server?"
tutorial section below)
The original BetaFTPD has no command line options. To keep the program small, all
options were built-in at compile time. This modified version has one optional
command line argument to restrict anonymous ftp to download only, and one to
restrict FTP access to each users' home directory.
In its simplest form, just run the betaftpd executable to start the server. It
will run as a daemon and run in the background.
puppy linux includes a BetaFTPD Control Center available in the menu for most
Windows Managers (under Networking). You can also start the control center
manually by running the betaftpd-cc script.
The BetaFTPD Control Center allows you to:
- see the current server status
- start / stop the server
- enable / disable Anonymous FTP access
- change full or download-only Anonymous access
- enable / disable logging of file transfers
- view this help file
You can access the shared directories with any FTP client or most modern
browsers (Windows Explorer, Firefox, ...), most of them through drag and drop.
The file transfer log is in /var/log/xferlog and is in the following format:
date xfer_time peer_address xfer_size filename b _ iN/oUT a owner ftp 0 *
Shared directories:
===================
All user can have access to their own home directory by logging in with their
puppy linux username and password. Note the following limitations however:
- for security reasons root cannot log in as an FTP user
- for security reasons users with a blank password cannot log in
- for security reasons the special user "ftp" does not have shell access
If you create a user for FTP access only, it is recommended that you don't
grant that user shell access for improved security. This can be done by
passing the -s /usr/bin/deny_sh option to add user as follows:
adduser -h /root/ftphomes/user -r /usr/bin/deny_sh user
In addition to user directories, the home directory of special user "ftp"
is shared to all anonymous users. That "ftp" user can be activated through
the Control Center.
Upload is allowed in all shared directories, allowing two way transfer of files.
However the Control Center has an option to disallow upload/delete for
anonymous users.
For added security, users only have FTP access to their own home directory.
Note that betaftpd support a "non-root" mode, and you may find references to it
if you look for it on the Internet. Support for it is somehwat experimental
and has been disabled in the puppy build. The Control Center requires that the
FTP server be ran by the root user.
Why an FTP server?
==================
FTP is one of the oldest and most common way for transferring files over the
Internet. An FTP client connects to a server and can request and sometimes
upload files to the server. There are many kinds of FTP clients. Some are
command line base, requiring you to know shell-like FTP commands, others have
a nice graphical interface, others are "transparent": you drag and drop files
between a browser and a lcoal folder wihtout knowing that you are actually
doing an FTP transfer. Internet Explorer in Windows and Konqueror on linux
have very good drag and dropp FTP implementations.
You need a user and password to log into an FTP server, however some servers
have a "special" user called "anonymous" that doesn't have a password. The
server will prompt you for a password but you can enter anything, although
net etiquette often dictate that you should enter your email address.
BetaFTPD can be used in a variety of ways:
1) User specific access:
For example you want to share files with a friend halfway accross the world,
but those files are too big to email: you can create an account for your friend
on your puppy machine as follows:
adduser -h /root/friend friend
you will be prompted for a password for user "friend" (you could call him Bob,
Mom or Fido), and when the process completes, you will have a /root/friend
directory. Put the files that you intend to share with him in that directory.
Start BetaFTPD (or more precisely the Control Center) from the start menu and
click "Start FTP server". If you don't want anonymous access (see below) make
sure that you click on the "Disable Anon" button.
Your friend can then type "ftp://xxx.xxx.xxx.xxx" in his browser or his
favorite FTP client, where xxx.xxx.xxx.xxx is the Internet address of your
computer and log in with the user name "friend" and the password you assigned
to it. (If you are beind a broadband router you will need to configure it to
allow port 21 and possibly forward it to the puppy machine. How to do this is
outside of the scope of this document).
Note that your friend can also upload files to /root/friend.
Unless you want your friend to have shell access also, it is recommended that
you create the account with the -r /usr/sbin.deny_sh (see "Shared Directories")
2) Access for everyone
Let's say that you're a budding music composer, or artist or programmer and
want to share the fruit of your labor with the rest of the world: you can't
create a user account for every person in the world! What you need to do is
allow anonymous access to your server: simply click "Enable Anon".
A new window appears prompting you for the password for the anonymous (or
"ftp") user. Once the user is created, the files in /root/ftp will be shared
to anyone that cares to look! The BetaFTPD offers to open a rox window to
let you see the contents of that folder, just in case you want to check.
Pay close attention to the status of the anonymous access shown in the Control
Center: if it says "FULL Anonymous FTP access is available for /root/ftp" it
means that not only anyone can log in and download your files, but anyone can
also log in and upload whatever they feel like. This is dangerous! you could
end up unknowingly hosting pornographic or copyrighted material placed there
by one of the anonymous users for other anonymous users to retrieve.
What you want to do to prevent this (believe me, you do) is change anonymous
access to only allow downloading by pressing the "Download-only" button.
You may even want to press the "Enable Log" button to get a log of each transfer
in and out of your machine. Press the "View Xfer log" button to see the log. The
first line shows you what its format is (or see "Usage" above).
3) LAN file transfer
The examples above assume that you can and are willing to share part of your
computer over the Internet. There is one safer application that is quite useful:
Since just about every operating system has an FTP client, you can use FTP to
transfer files between multiple computers with different operating systems on
your home network. This is when allowing "full access" for anonymous users is
OK: some clients can be configured to automatically attempt anonymous access and
you won't be prompted for a user name or password (the "transparent" clients like
Konqueror and Windows Explorer work that way). You can then drag and drop files
in and out ofthe "repository" in /root/ftp on your puppy machine.
If the other machines on your network are mostly windows machines, you may want
to look at using Samba, the windows "network neighbourhod" protocol, for example
using LinNeighbourhood which is also available for puppy.
Under the hood:
===============
For puppy linux, BetaFTPD was compiled with the following options:
--enable-upload so that you can upload files to the server
--enable-xferlog to provide a log of all transfers. If the log file doesn't
exist when the program is started, it will not log anything. That's what
is used in the Control Center to enable and disable logging.
--enable-fork the server runs silently in the background, "daemon-style"
--enable-shadow to support user passwords
In addition the code was modified to add the -restrict option to disallow
anonymous uploads/deletes. Another option, -contain, was added to restrict
user navigation to their home directories instead of full machine access as
in the orginal server.
These commands are believed to be fully compliant with RFC959 and RFC1123:
PORT, PASV, USER, PASS, CWD, CDUP, QUIT, DELE*, PWD, SYST, NOOP, STOR*, APPE*,
ABOR, RNFR*, RNTO*, MKD*, RMD*, ALLO*, REIN, ACCT, HELP, STAT and MODE.
The * denotes a command that is disabled when -restrict is used.
These commands are not implemented at all: SMNT, STOU and SITE.
I decided to make this a PupGet package rather than a DotPup mostly because it will be even more straightforward to have an official unleashed built from it and I hope this makes it in future releases instead of gtkftpd.
Please report any problems with the software here.