DaemonForums  

Go Back   DaemonForums > Miscellaneous > Guides

Guides All Guides and HOWTO's.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 15th February 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default Uploading a file using ftp and/or a .netrc file from the command line

My first recommendation

Forget about all this ftp(1) thing. Only use this if there really is no other alternative. ftp(1) is a very unsafe protocol. The password as well as the data gets sent unencrypted in plain text.Just like telnet(1) it should be retired. Use one of the safer encrypted alternatives like scp(1) or sftp(1)

If you are forced to use ftp(1), first test on your local FreeBSD box. That means less trial and error transmissions of the password over the internet.
  • Make sure ftp is running

    If not acquire root privilege to start ftpd fmanually:

    Code:
    $ sudo /usr/libexec/ftpd -D
    
    $ netstat -a -f inet
    
    Active Internet connections (including servers)
    Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
    tcp4       0      0 *.ftp                  *.*                    LISTEN
    tcp4       0      0 *.submission           *.*                    LISTEN
    tcp4       0      0 *.smtp                 *.*                    LISTEN
    tcp4       0      0 *.ssh                  *.*                    LISTEN
    udp4       0      0 localhost.ntp          *.*                    
    udp4       0      0 static.85-10-195.ntp   *.*                    
    udp4       0      0 *.ntp                  *.*                    
    udp4       0      0 *.syslog               *.*
  • Check a login

    Code:
    $ ftp 'ftp://adriaan:PasswordSentInPlainText@localhost'
    
    Trying 127.0.0.1:21 ...
    Connected to localhost.
    220 j65nko.org FTP server (Version 6.00LS) ready.
    331 Password required for adriaan.
    230 User adriaan logged in.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    200 Type set to I.
    ftp>  ls 
    229 Entering Extended Passive Mode (|||23233|)
    150 Opening ASCII mode data connection for '/bin/ls'.
    total 20
    -rw-r--r--  1 adriaan  adriaan  1016 Feb 14 20:15 .cshrc
    -rw-r--r--  1 adriaan  adriaan   254 Feb 14 20:15 .login
    -rw-r--r--  1 adriaan  adriaan   165 Feb 14 20:15 .login_conf
    -rw-------  1 adriaan  adriaan   381 Feb 14 20:15 .mail_aliases
    -rw-r--r--  1 adriaan  adriaan   338 Feb 14 20:15 .mailrc
    -rw-r--r--  1 adriaan  adriaan   750 Feb 14 20:15 .profile
    -rw-------  1 adriaan  adriaan   283 Feb 14 20:15 .rhosts
    -rw-r--r--  1 adriaan  adriaan   980 Feb 14 20:15 .shrc
    drwxr-xr-x  2 adriaan  adriaan   512 Feb 14 20:22 DESTINATION
    -rw-r--r--  1 adriaan  adriaan    15 Feb 14 20:18 TESTFILE
    226 Transfer complete.
    ftp>  bye
    221 Goodbye.
    $
  • Create a test file to upload

    $ echo THIS is a TEST >TESTFILE


  • Upload the file TESTFILE to the folder DESTINATION

    Code:
    $ echo put ./TESTFILE | ftp 'ftp://adriaan:PasswordSentInPlainText@localhost/DESTINATION/'
    
    Trying 127.0.0.1:21 ...
    Connected to localhost.
    220 j65nko.org FTP server (Version 6.00LS) ready.
    331 Password required for adriaan.
    230 User adriaan logged in.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    200 Type set to I.
    250 CWD command successful.
    local: ./TESTFILE remote: ./TESTFILE
    229 Entering Extended Passive Mode (|||65157|)
    150 Opening BINARY mode data connection for './TESTFILE'.
    100% |********************|    15      271.26 KiB/s    00:00 ETA
    226 Transfer complete.
    15 bytes sent in 00:00 (94.50 KiB/s)
    221 Goodbye.
    $
    As you see we simply send the put command to standard output. Because of the shell pipe '|', this command will be read as standard input by ftp(1).


  • Using this shell pipe method in a script

    Code:
    #!/bin/sh
    
    cat <<END | ftp 'ftp://adriaan@localhost/DESTINATION/'
    put ./TESTFILE
    END
    Running it:
    Code:
    $ ./upload-it
    
    Trying 127.0.0.1:21 ...
    Connected to localhost.
    220 j65nko.org FTP server (Version 6.00LS) ready.
    331 Password required for adriaan.
    Password: 
    230 User adriaan logged in.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    200 Type set to I.
    250 CWD command successful.
    local: ./TESTFILE remote: ./TESTFILE
    229 Entering Extended Passive Mode (|||26300|)
    150 Opening BINARY mode data connection for './TESTFILE'.
    100% |************************|    15      215.41 KiB/s    00:00 ETA
    226 Transfer complete.
    15 bytes sent in 00:00 (88.24 KiB/s)
    221 Goodbye.

Using a .netrc to automate the ftp upload

This file is documented in at the end of ftp(1).

Code:
$ mkdir WORK ; mv TESTFILE WORK ; cd WORK

$ touch .netrc ; chmod g=,o= .netrc ; ls -l .netrc
-rw-------  1 adriaan  adriaan  0 Feb 14 20:52 .netrc
ftp(1) explains why this file needs these strict permissions:
Code:
     password string
               Supply a password.  If this token is present, the auto-login
               process will supply the specified string if the remote server
               requires a password as part of the login process.  Note that if
               this token is present in the .netrc file for any user other
               than anonymous, ftp will abort the auto-login process if the
               .netrc is readable by anyone besides the user.
Put the following contents in the .netrc file:

Code:
machine localhost login adriaan password PasswordSentInPlainText

macdef init
prompt off
preserve on
put TESTFILE /home/adriaan/DESTINATION/TESTFILE
ls DESTINATION
quit
Please note that a macro definition, here (init) needs to terminated with a empty new line. That is two times a newline (\0x0a).

As explained in ftp(1), it tries to locate the .netrc, in the directory named in the HOME environment variable

Code:
     The .netrc file contains login and initialization information used by the
     auto-login process.  It resides in the user's home directory, unless
     overridden with the -N netrc option, or specified in the NETRC environ-
     ment variable.
Because we are in the directory WORK we set HOME temporarily by using env(1)

Code:
$ env HOME=. ftp localhost

Trying 127.0.0.1:21 ...
Connected to localhost.
220 j65nko.org FTP server (Version 6.00LS) ready.
331 Password required for adriaan.
230 User adriaan logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
prompt off
Interactive mode off.
preserve on
Preserve modification times on.
put TESTFILE /home/adriaan/DESTINATION/TESTFILE
local: TESTFILE remote: /home/adriaan/DESTINATION/TESTFILE
229 Entering Extended Passive Mode (|||39224|)
150 Opening BINARY mode data connection for '/home/adriaan/DESTINATION/TESTFILE'.
100% |**************************|    15      261.57 KiB/s    00:00 ETA
226 Transfer complete.
15 bytes sent in 00:00 (87.19 KiB/s)
ls DESTINATION
229 Entering Extended Passive Mode (|||42308|)
150 Opening ASCII mode data connection for '/bin/ls'.
total 2
-rw-r--r--  1 adriaan  adriaan  15 Feb 14 20:57 TESTFILE
226 Transfer complete.
quit
221 Goodbye.
My final recommendation:

Forget about all this ftp(1) thing. Only use this if there really is no other alternative. ftp(1) is a very unsafe protocol. The password as well as the data gets sent unencrypted in plain text.Just like telnet(1) it should be retired. Use one of the safer encrypted alternatives like scp(1) or sftp(1)
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Last edited by J65nko; 15th February 2013 at 12:24 AM.
Reply With Quote
  #2   (View Single Post)  
Old 15th February 2013
jb_daefo jb_daefo is offline
Spam Deminer
 
Join Date: May 2008
Posts: 303
Default

I tried, failed to get ssh(scp)(dropbear)etc working (firewall... permissions... some misstep...)
clear thru to where I wanted it to be capable of;
settled on a quicker (in the short term) pure-ftpd interim solution (for the lan anyway.) Someday someone may write a flowchart (initial install >> scp entirely setup included) making it easier for those who are short of time...
__________________
FreeBSD 13-STABLE
Reply With Quote
  #3   (View Single Post)  
Old 15th February 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

I am not sure if I really understand the problem you describe. If an user has an account and thus a password, he should be able to login using ssh.

If he or she can use ssh, it should be no problem to use scp or sftpd
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #4   (View Single Post)  
Old 16th February 2013
jb_daefo jb_daefo is offline
Spam Deminer
 
Join Date: May 2008
Posts: 303
Default

Correct[1] It is just that the
Quote:
pure-ftpd
method was quicker than finalizing the ssh setup, maybe because I missed a step in the latter, did it over several stages and not all at once, or something. [I did get sshd working; noted how; and the notes by now are in a huge stack(s) of others]. The usual way I configure things which take too much time is commented rc files from the web; those are less common in
Quote:
ssh
setup, however...
So it was more of a comment than a problem. Sorry to be not more clear initially.
__________________
FreeBSD 13-STABLE
Reply With Quote
Reply

Tags
.netrc, .netrc macdef, .netrc macro, ftp

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to append text to second line of a file guitarscn Programming 16 9th November 2010 02:06 AM
Automating FreeBSD release downloads with a .netrc file J65nko Guides 4 11th February 2010 09:02 PM
Automating OpenBSD snapshot downloads with a .netrc file J65nko Guides 1 7th January 2010 03:09 AM
Running a command with input from a file. bigb89 Programming 4 21st January 2009 06:36 PM
how to enable file/command completion for ksh93? TerryP General software and network 1 31st August 2008 08:23 AM


All times are GMT. The time now is 03:03 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick