17 July 2013

478. Briefly: proftpd on debian

I need to transfer raw mass spec files off of the computer controlling our waters zmd, and it seems like I may be the only one in the department wishing to do so.

Since the computer is running Windows NT 4 and doesn't support USB drives out of the box, and I'm a bit worried about installing new software (e.g. old versions of filezilla via oldapps) on a computer on which a lot of people rely, I have two options:

* use SMB i.e. a windows share
or
* use ftp

I'm having all sorts of trouble getting my samba to work well at work -- my computers are sitting on a 192.168.2.0/24 LAN behind a router connected to the corporate network which has proper IP addresses (i.e. not using a reserved private network address space). I haven't managed to get my computer behind the router to 'see' the other computers and their shares at work beyond my router . I can, however, connect directly to the computers using e.g. smbclient -- they just won't show up in e.g. nautilus under windows network or using nmblookup. At any rate, connection directly to the target computer prompts me for a password and it seems that there are no open, accessible shares on that computer, only password protected ones.

Win NT has a DOS ftp client, so I finally decided to set up a quick and dirty ftp server on my workstation in my office so that I could transfer a couple of data files to figure out my other issue -- whether I have any piece of software that can actually open the masslynx .raw files. Turns out that neither wsearch32 nor openchrom can, so the exercise has been somewhat futile, although it has to be said that I'd like to be in charge of any raw data that leads to publications, and so I should be able to manage the storage of it myself.

Note: ftp is an inherently unsafe method since it doesn't use encryption. Use a separate user for this with no privileges, change the password of that user regularly, and close port 21 whenever you aren't using it in order to not advertise that you are running an ftp server. Use ssh/sftp if at all possible.

Anyway, setting up an ftp server was easy.

This method follows this post, http://ubuntuforums.org/showthread.php?t=79588, almost verbatim.

First install proftpd

sudo apt-get install proftpd

Edit /etc/shells:
# /etc/shells: valid login shells /bin/csh /bin/sh #/usr/bin/es #/usr/bin/ksh #/bin/ksh #/usr/bin/rc #/usr/bin/esh /bin/dash /bin/bash /bin/rbash #/usr/bin/screen #/bin/tcsh #/usr/bin/tcsh #/bin/ksh93 /bin/false

sudo adduser ftpuser

su ftpuser
cd ~
mkdir download
mkdir upload
exit

Edit /etc/proftpd/proftpd.conf. In addition to what was already there, I added
UserAliasOnly on UserAlias spinebill ftpuser ExtendedLog /var/log/ftp.log TransferLog /var/log/xferlog SystemLog /var/log/syslog.log AllowStoreRestart on <Directory /home/ftpuser> Umask 022 022 AllowOverwrite off <Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD> DenyAll </Limit> </Directory> <Directory /home/ftpuser/download/*> Umask 022 022 AllowOverwrite off <Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD> DenyAll </Limit> </Directory> <Directory /home/ftpuser/upload/> Umask 022 022 AllowOverwrite on <Limit READ RMD DELE> DenyAll </Limit> <Limit STOR CWD MKD> AllowAll </Limit> </Directory> Include /etc/proftpd/conf.d/

su ftpuser
chsh -s /bin/false
exit

Check the syntax:
sudo proftpd -td5

Test:
ftp `hostname`
Connected to beryllium. 220 ProFTPD 1.3.4a Server (Debian) [192.168.1.1] Name (beryllium:me): spinebill 331 Password required for spinebill Password: 230 User spinebill logged in Remote system type is UNIX. Using binary mode to transfer files. ftp>
I have since tested this from the Win NT 4 computer and everything is working well. I had to familiarise myself with the windows ftp client first: http://www.nsftools.com/tips/MSFTP.htm

No comments:

Post a Comment