Fig. 1: FileZilla is a popular free FTP client.
Back in 2011, I wrote about setting up a Secure Shell (SSH) server. This supports secure file transfers and it’s easy to set up. Read “Let’s Build an OpenSUSE Storage Server” — it may be all you need.
But applications for automated and unattended transfers — quite common nowadays — seem to prefer the older File Transfer Protocol, or FTP. That has been our experience of late, anyway.
Here are two recent applications. We receive weather and traffic via automated FTP. Our NexGen automation system then loads these files and plays them on air. As a second example, my colleague in Denver, Amanda Hopp, is beta-testing an iPhone app that automatically uploads field recordings via FTP.
Fig. 2: Here we’re using OpenSuSE’s Start Lizard to access Yast, the setup program. If you’re going to support FTP, you will need to lease space on a server somewhere (check with your ISP), or you’ll have to set up your own. This article will discuss the latter, using open-source software that can be downloaded from the Internet at no charge.
What Is It?
The file transfer protocol dates from 1971, so it’s extremely mature. It was actually developed back during the days of ARPANET (the forerunner of today’s Internet), when a 300-baud modem was considered state-of-the-art. As the name implies, it’s simply a way to reliably transfer files from one computer to another.
You’ve probably used it. For example, Web hosting companies usually provide FTP access as part of your package. You might use a Web editor on your local computer to create a new page, then click “upload” or “send.” FTP is used to install that page on your website.
All FTP clients follow this procedure: You connect to the address of the FTP server, then enter your username and password. In the old text-mode days, you’d then enter “GET filename” to fetch a file, and “PUT filename” to upload something. But nowadays, even hard-eyed geeks like me prefer a graphical client. I use FileZilla, a free FTP client, to drag-and-drop files between the remote FTP server and my local desktop.
In Fig. 1, I’ve installed an FTP server on my desktop machine and have connected to “localhost,” which always refers to the local machine itself. In this case, FileZilla just acts as a glorified file explorer; I’m “uploading” and “downloading” on the same machine. But it proves that my server is running. I clicked on the PNG file in the left panel, then dragged it to the right. The FTP server “uploaded” that image file into the other directory.
Let me show you how to set up this same basic FTP server to play with. In the future, we’ll look at ways to make it secure, robust and ready for new applications that can upload and download automatically.
There are many choices available, but I use OpenSuSE Linux as my desktop operating system (I’m using OpenSuSE 13.1 here). Installing it is so easy, I don’t even need to cover the details. Just go to software.opensuse.org, download the ISO, then burn it to DVD and boot onto it. There are instructions there for other installation methods, including USB stick and network.
The installer will ask questions; you can accept the defaults. You will need to enter a username and password when prompted, though. You can also choose to use that same password for system administration (i.e., for “root” access). Whatever you choose, don’t forget that password!
Fig. 3: The Add Software dialog.
If you have problems with the installation, the OpenSuSE forum (forums.opensuse.org) is your friend. Those nice folks are volunteers who support SuSE as a labor of love. Post a request with as much detail as you can think of; you’ll typically get a response within an hour or so.
A VERY SECURE FTP
Follow all the prompts and let OpenSuSE finish installing itself. You may need to reboot at least once. Eventually, you’ll get a graphical desktop.
You will need Internet access. Assuming you are connected to your house network and that you normally have such access, OpenSuSE should have configured that for you. The Firefox Web browser is installed by default; click the orange icon on the desktop to confirm that you have Internet access.
Now look at the bottom left of the screen. OpenSuSE’s version of the Start menu is a green “Start Lizard.” Click that, then hover your mouse pointer over “Applications.” Click “System,” then click “Control Center/Yast” (see Fig. 2).
You’ll be asked for the root password. Enter it, click OK and the main Yast (Yet Another Setup Tool) window will appear. Right at the top, on the right, you should see “Software Management.” When you click on that, the window shown in Fig. 3 will appear.
In the box to the left, enter the first search term: “vsftpd,” then click Search. This is the name of the FTP server that we’re going to use. The “VS” stands for “very secure”; the “D” at the end stands for “daemon” (no fear, you don’t need a priest and holy water; a daemon is what the Unix community calls any system software that runs in the background).
Click the checkmark in the right panel beside “vsftpd” (again, see Fig. 3). It is now selected for installation. Let’s grab two other packages at the same time. Enter “yast2-ftp” in the search box and check “yast2-ftp-server” when it appears in the right pane. Finally, search for “filezilla” and select it.
Fig. 4: This is the Authentication Settings pane, part of the FTP Server configuration.
Now click “Accept.” A few other windows might appear, asking for confirmation of various changes; select “OK” or “Accept” as needed. These three applications will then be installed.
When installation is complete, close Yast and then reopen it to force a refresh. Click on “Network Services” in the left panel. You should now see “FTP Server” in the list to the right. Click on that.
JUST THE BASICS
Once the FTP Server Configuration window appears (Fig 4), you’ll see several configuration choices in the left pane. Each will open a different group of options on the right. Let’s first click “Startup” on the left; in the options to the right, just select, “Start at Boot Time.” We’re done with those options.
Fig. 4 shows what you’ll get on the “authentication” pane. Select “Authenticated Users Only.” This means that only people who have an account on the FTP server can log in. At present, you’re probably the only user, but you can add others later with Yast -> Security and Users, then User and Group Management.
The reason I’ve shown you this is because of another very important change: You should disable anonymous (“anyone from anywhere”) logins. In particular, do not enable anonymous writes! This is especially true if you’re going to expose this FTP server to the Internet at large. Otherwise, hackers might (no, they will) find your server and use it to distribute all sorts of nasty stuff.
Fig. 5 is from the Advanced options pane. Select “Open Port in Firewall” and you’re ready to go. This only opens the ports on the FTP server machine. In the future, I’ll discuss how to expose the needed ports to the Internet. Click the “Finish” button to apply the changes.
You should reboot the machine to force all of these changes to take effect. Click the Start Lizard, hover over “Leave,” then select “Reboot Computer.”
A FEW TESTS
Fig. 5: Be sure to open the port in the firewall!
Once the system has rebooted, open FileZilla (Start Lizard, hover over “Applications,” click “Internet,” then “FileZilla”). The left pane will already have the contents of your local Home folder. But now enter “localhost” in the Host box and your username/password in those boxes. Press Enter; you should see your Home directory appear in the panel on the right as well. This confirms that the server is running.
A better test is to access your FTP server from a different machine on your network. On your PC, look for the Network Manager (the little network jack icon) to the bottom right of the screen. Click on that, then click on the network connection in the panel to the left. Your IP address will be part of the displayed information.
Armed with that IP address, go to another computer on the network, preferably one with FileZilla on it (you can download it from filezilla-project.org for Windows, MacOS and Linux). Enter the IP address of your FTP computer in the Host box, then your username and password. You should be able to browse into the Home directory on the FTP server.
HANDLE WITH CARE
This is a “for-real” FTP server. You could expose it to the Internet as is, and anyone who had a user account would be able to log in and swap files. But that’s for a future discussion.
Depending on your Internet access, this would take some extra work. Unlike most classic servers, FTP needs more than one port exposed to your public IP address. At minimum, these are ports 20 and 21 by default, but others may be required, depending on how you’ve configured the server.
And here’s a final warning. The File Transfer Protocol is mature and reliable, but as set up in this article it’s not very secure. Like other older protocols, the original FTP was developed back when the world was a more honest place. By default, all usernames, passwords and commands are transmitted in plain text, easily readable by a “sniffer” program. In a future article, I’ll show you how to enable TLS (Transport Layer Security) to encrypt everything.
Stephen Poole is market chief at Crawford Broadcasting in Birmingham, Ala.
Got an idea for a future column on radio IT? Write to us at [email protected].