Change FTP on fog server to SFTP??
-
Good afternoon all, is it possible to change the FTP service used by FOG (vsftpd.service) to an SFTP service? Thank you in advance.
-
This post is deleted! -
There’s SFTP which uses ssh ports to transfer files. This would already exist on most Linux servers.
There’s FTPS which works by using certificates.
Which are you trying to do? Vsftp can do ftp and ftps I believe, but don’t think it would do sftp.
Essentially SFTP most likely is already set and configured on your machine. Just use the user and password you would use to logon to the machine and you should be good to go.
-
@Tom-Elliott I think the FTP server is only half the equation here. We also need to ensure that lftp supports sftp.
Based on this article: https://how-to.fandom.com/wiki/How_to_use_lftp_as_a_sftp_client it says that lftp could support ssl.
Running this on my centos 7 based FOG server it doesn’t look like the distro version of lftp supports ssl.
# ldd /usr/bin/lftp linux-vdso.so.1 => (0x00007ffeebd50000) liblftp-jobs.so.0 => /lib64/liblftp-jobs.so.0 (0x00007f5d6337f000) liblftp-tasks.so.0 => /lib64/liblftp-tasks.so.0 (0x00007f5d6310b000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f5d62eef000) libreadline.so.6 => /lib64/libreadline.so.6 (0x00007f5d62ca9000) libutil.so.1 => /lib64/libutil.so.1 (0x00007f5d62aa6000) libtinfo.so.5 => /lib64/libtinfo.so.5 (0x00007f5d6287c000) libdl.so.2 => /lib64/libdl.so.2 (0x00007f5d62678000) libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007f5d62371000) libm.so.6 => /lib64/libm.so.6 (0x00007f5d6206f000) libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007f5d61e59000) libc.so.6 => /lib64/libc.so.6 (0x00007f5d61a8b000) /lib64/ld-linux-x86-64.so.2 (0x00007f5d635c7000)
So that means FOG would need to compile lftp for the FOG host server during install. I have not checked the lftp from FOS Linux but we would also need to ensure that lftp in FOS supports ssl too. We have a bit more control of FOS Linux support of ssl than the FOG Host server.
-
@george1421 said in Change FTP on fog server to SFTP??:
So that means FOG would need to compile lftp for the FOG host server during install. I have not checked the lftp from FOS Linux but we would also need to ensure that lftp in FOS supports ssl too. We have a bit more control of FOS Linux support of ssl than the FOG Host server.
From my point of view FTPS (FTP with SSL) is no better than FTP from a firewall/network/security point of view and I wouldn’t spend a second on trying to make this work.
If we really think about making this part more secure I would want to push this down the SSH/SCP/rsyncOverSSH way instead! I have not looked into this yet but I could imagine we can make this work for 1.6.x some weeks down the road.