|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
how i can install the ftp server in OpenBSD?
i want to install a ftp server(ftpd) on my OpenBSD server(with pf).
i didn't found any easy document for this. so how can i correctly install and config(secure) ftpd on my server? do you have any reference? |
|
||||
|
|
|||
What kind of services does the ftp server have to provide?
If the main purpose is to allow the public to download files, and not upload them, you will be better off by configuring the httpd(8) webserver to serve them.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump Last edited by J65nko; 20th March 2021 at 01:12 AM. |
|
|||
thanks all.
i want to moved some important files to my OpenBSD Server. i am currently using sftp. but seems sftp is slow and i want to use ftp. Note : my files is encrypted.(so a safe tunnel is not important) do you have a solution for better speed? |
|
|||
You could try rsync OpenBSD has it's own version called openrsync(1)
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Quote:
Quote:
so my idea for better security & more speed : - file encryption - use http protocol & php (httpd) - use concurrency upload () - whitelist for port 80 |
|
||||
Are you planning to use HTTP Realm Authentication? If so, HTTP has the same plaintext userid/password security issue that FTP has. You could use HTTPS for session privacy, but TLS requires the same sort of cryptographic performance overhead that sftp(1) has, with the additional provisioning complication of X.509 certificates. Though ... if you do use HTTPS/TLS for session privay you could use client certificates as client authentication, and eliminate the use of Realm Authentication entirely.
|
|
|||
What do you mean? Delete the files after sending like you'd have to for any of the other methods being discussed.
|
|
|||
Considering that your files already are encrypted, you could still use ftpd, but then with S/Key, a a "one-time password" authentication system. See the example for ftp at https://www.openbsd.org/faq/faq10.html#SKey
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Quote:
Quote:
no HTTP Realm Authentication. But like that. yes http is not safe like ftp. but are simple algorithm can be used. before i explain this algorithm , keep in mind that pf is exists and source ip is exists in whitelist of destination server. Algorithm : the date & time of both server is same. (Year/Month/Day H:M) so we can create a algorithm like : from client : $key = md5('Secret Key' . date('YmdHi') . filesize($file)); from server : $key = md5('Secret Key' . date('YmdHi') . filesize($uploaded_file)); this is a type of one-time password. Quote:
can we implement the concurrency in ftp ? yes (multiple connection). can we implement the One-Time password in ftp ? yes(S/Key) so "Web Server + PHP" vs FTP ? i think if you want to implement the more complex infrastructure , you can use "Web Server + PHP". ftp uses two port and "user authentication". i don't feel good. I think in the new world, humans should run "ftp+". |
|
||||
In post #6 jggimi suggested nc(1), aka "netcat". Have you considered this? I've used it to move large files around my LAN and it's very fast. You have to set up a receiving process on the target machine, but this can be done via ssh login, so that part is secure. If your file is encrypted, then wouldn't that cover all bases?
|
|
|||
Quote:
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Quote:
Quote:
nc is simple and good. i think this thread exited from original content. i open new thread. http://daemonforums.org/showthread.php?p=70537 thanks all. Last edited by jonsec; 25th March 2021 at 09:16 AM. |
Tags |
ftpd |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
BEST VNC SERVER FOR OPENBSD | rdikarlus | OpenBSD Packages and Ports | 3 | 20th May 2019 06:22 PM |
pxeboot install from remote server to my LAN | chessmaster | OpenBSD Installation and Upgrading | 16 | 6th March 2014 02:52 AM |
i want to install a voice chat server on openbsd | hack2003 | OpenBSD Packages and Ports | 17 | 8th April 2011 10:19 PM |
How - To install GNOME vile I install OpenBSD ? | looop | OpenBSD Installation and Upgrading | 6 | 24th April 2010 08:58 PM |
move install to new server larger hard drive (raid system) | carpman | FreeBSD General | 16 | 24th November 2009 10:57 AM |