Ftp; The File Transport Protocol; Multiple Ports, Multiple Modes - Red Hat ENTERPRISE LINUX 4.5.0 Reference Manual

Chapter 15.

FTP

File Transfer Protocol (FTP) is one of the oldest and most commonly used protocols found on
the Internet today. Its purpose is to reliably transfer files between computer hosts on a network
without requiring the user to log directly into the remote host or have knowledge of how to use
the remote system. It allows users to access files on remote systems using a standard set of
simple commands.
This chapter outlines the basics of the FTP protocol, as well as configuration options for the
primary FTP server shipped with Red Hat Enterprise Linux,

1. The File Transport Protocol

FTP uses a client server architecture to transfer files using the TCP network protocol. Because
FTP is an older protocol, it uses unencrypted username and password authentication. For this
reason, it is considered an insecure protocol and should not be used unless absolutely
necessary. A good substitute for FTP is
about configuring OpenSSH, refer to the chapter titled OpenSSH in Red Hat Enterprise Linux
System Administration Guide. For more information about the SSH protocol, refer to
Chapter 20, SSH Protocol.
However, because FTP is so prevalent on the Internet, it is often required to share files to the
public. System administrators, therefore, should be aware of the FTP protocol's unique
characteristics.

1.1. Multiple Ports, Multiple Modes

Unlike most protocols used on the Internet, FTP requires multiple network ports to work
properly. When an FTP client application initiates a connection to an FTP server, it opens port
21 on the server — known as the command port. This port is used to issue all commands to the
server. Any data requested from the server is returned to the client via a data port. The port
number for data connections, and the way in which data connections are initialized, vary
depending upon whether the client requests the data in active or passive mode.
The following defines these modes:
active mode
Active mode is the original method used by the FTP protocol for transferring data to the
client application. When an active mode data transfer is initiated by the FTP client, the
server opens a connection from port 20 on the server to the IP address and a random,
unprivileged port (greater than 1024) specified by the client. This arrangement means that
the client machine must be allowed to accept connections over any port above 1024. With
the growth of insecure networks, such as the Internet, the use of firewalls to protect client
machines is now prevalent. Because these client-side firewalls often deny incoming
connections from active mode FTP servers, passive mode was devised.
vsftpd
from the OpenSSH suite of tools. For information
sftp
.
277