3

I'm trying to set up FTP over SSH, and I did set up the SSH server, but FileZilla keeps saying "ECONNREFUSED - Connection refused by server" which I take to mean that I need to set up an ftp server on my machine as well. I found directions here about how to set up vsftpd, but I'm concerned about security. Is this going to be accessible outside the ssh, and if so, how do I stop this functionality?

Edit- This is only going to be me using ftp, by the way. I need to access my files off site occasionally.

Braiam
  • 67,791
  • 32
  • 179
  • 269
jfa
  • 234

3 Answers3

6

FileZilla by default works via FTP, so if you ain't got an FTP server, it won't work - as your linked tutorial says, install and configure it via:

sudo apt-get install vsftpd
sudo nano /etc/vsftpd.conf

Then change the anonymous_enable... line to anonymous_enable=NO or #anonymous_enable=YES, and change the write_enable=YES depending on whether you want write access or not. You may also need to set local_enable=YES so that local users have access.

OR

You can set FileZilla to use sftp (through an SSH tunnel - like scp, but does FTP stuff), so for that you can set it to use that instead - under 'Protocol':

Set 'Protocol' in Site Manager to SFTPThat might work if you only have ssh setup

On accessing you computer externally, see here and this. You will need have the computer on (or with Wake On LAN), and connected to the network for it to work. A constant IP address (internal + external) also helps.

To find the IP addresses, there are a few answers here.

Community
  • 1
Wilf
  • 30,194
  • 17
  • 108
  • 164
  • Additionally if you use quickconnect you can use either sftp://hostname or port 22 to clarify that you want to use SFTP. Of course if you are connecting through a router the second variant only works of port 22 gets forwarded. – xZise Feb 18 '14 at 21:57
  • Ok,thanks for correcting that resource as to anonymous ftp, I looked it up and that is not what I want. Just so you know, if you comment out anonymous_enable, it's automatically set to yes. – jfa Feb 18 '14 at 22:16
  • 1
    @JFA - it might set it to NO, but it hard to no without knowing what it defaults to - that could even vary via the version of vsftpd. Just setting it NO makes sure :) – Wilf Feb 18 '14 at 22:18
5

There is no need to set up any ftp server at all, you can use ssh.

From a Linux client, use sshfs

Alternatively you can mount a directory over SSHFS using the Gnome "Connect to Server" tool in the desktop Places menu. In the tool, set the service type to SSH and fill in the boxes as needed. If a password is required when connecting then you will be prompted for it. Unmounting a SSHFS connection is the same as for any other volume. Open the File Browser (Nautilus). In the Places panel on the left click the arrow next to the SSHFS mount you want to disconnect or right-click it and select "Unmount".

See https://help.ubuntu.com/community/SSHFS for details

From a Windows client, use Winscp

http://winscp.net/eng/index.php

winscp

Panther
  • 102,067
  • Is this installed on the host or client? – jfa Feb 18 '14 at 22:01
  • You run ssh on the server. Winscp is a small program and does not need to be installed at all, I personally run it from a flash drive, completely portable. sshfs is "built into" nautilus, no need to install anything on either Linux or Windows clinets. – Panther Feb 18 '14 at 22:06
  • This seems like a good tool. I'll have to try this in the future when I have more time to experiment. – jfa Feb 18 '14 at 23:00
  • @JFA - OK, takes less time then installing , configuring, and securing a ftp server so I believe you will like it – Panther Feb 18 '14 at 23:01
2

I'd recommend the use of scp. scp is Secure Copy, which uses SSH to transfer files. As such, you can ensure your transfers are encrypted and authenticated users are the only people able to upload files.

This does not address any security concerns for users that you do not trust very much. In the case that you need to allow non-trusted users access, you might want to look into Virtualization (VM) or chroot.

earthmeLon
  • 11,247
  • how would you use scp? - surely it does not work the same as ordinary cp... :D – Wilf Feb 18 '14 at 21:30
  • What are the benefits of this vs FTP? – jfa Feb 18 '14 at 21:35
  • 1
    @JFA It use sftp? It is basically FTP, but through a SSH tunnnel (if so it is pretty much what the title of the question says you want) - as has been so helpfully explained, you can use it the same as cp, except for the remote file you use the parameters you would use for ssh but like USERNAME@HOSTNAME:/PATH/TO/FILE. Like cp, for folders you need to use the -r recursive option. – Wilf Feb 18 '14 at 21:42
  • 2
    @Wilf - I suspect you might enjoy sshfs ;) – Panther Feb 18 '14 at 21:48
  • 1
    The benefits are that you're using a stronger authentication method (ssh) while still encrypting your communications. The possibilities with such a setup have a larger domain than sftp setups. Another benefit is that your system already supports ssh/scp natively. Also, you can take advantage of sshfs. – earthmeLon Feb 18 '14 at 21:49
  • scp host:/home/user/file ./ To download a file to your current directory using remote full path. scp host:file /tmp/ To download a file to your /tmp/ directory using remote user's home directory as path. scp file host: To upload file to host user's home directory. – earthmeLon Feb 18 '14 at 21:50
  • earthmeLon Finally, an vague explaination... | @bodhi.zazen - Might do :) - I think I used it a while ago... – Wilf Feb 18 '14 at 21:52
  • 2
    sshfs is easy and fast =) – Panther Feb 18 '14 at 21:52
  • 1
    with scp, to copy a directory, use the -r option (comes in handy if you do not wish to use sshfs) – Panther Feb 18 '14 at 21:53
  • The cool thing about scp/sshfs is that they are tied together very closely. If you set one up, it's super easy to set the other up :D. – earthmeLon Feb 18 '14 at 21:55
  • I'm glad I know about this. I'll have to use it in the future. – jfa Feb 18 '14 at 22:33
  • Just an update, scp and rsync are basically my goto when I'm not being lazy or when I think that file transfer will be sped up by using these utilities. – jfa Jun 16 '15 at 17:02