Hi everyone, welcome again to this lecture. We will be continuing Linux networking with lecture number 3 today. Today's topic is going to be the File Transfer Protocol. So we will be learning about the File Transfer Protocol in depth and going into how we can make the file transfer protocol, also known as FTP. Then we will go into more detail regarding how we can enable a server to do an FTP transfer, so some of those topics will also be discussed.

Before we start talking about FTP itself, I want to give a recap of the last lecture. As you know, we finished the last lecture on IP addressing, so let us look at what we learnt. We learnt the basic structure of an IP address, which is a 32-bit number comprised of four octet numbers. A simple example would be 133.27.162.125; this is what is called the decimal representation. You can also represent it in binary as shown here; each one just gets its own binary equivalent. Sometimes it is also represented in a hexadecimal fashion: 133 in hexadecimal is 85, then 27 becomes 1D, 162 becomes A2, and 125 becomes 70, so people simply say it as one number, 85 1D A2 70. Some of the licenses are all cut for the hexadecimal representation, so if you have a license for any software, the software vendor may ask you for the host name where you are hosting the licenses in the form of this hexadecimal representation.

We also saw the use of the network mask, which is used to define which bits describe the network part and which are used for the host. A simple notation would be 255.255.224.0. In this case we know that 224 is the first three bits of the third octet, so the number of network bits is 19 and the remainder is assigned to the host.

Based on this, let us look at some of the activities that I want you to do. One of them is to convert the following IP address into a binary format. Fairly simple; I think, with the
knowledge from the above slide, you should be able to do this fairly easily. You also have the distinction between a local network and a public network, or a private network and a public network, based on the IP addresses. Now the question is: for the above IP address, what is the network address and what is the host address, that is, the network part and the host part? Again, I think it is fairly simple; you should be able to figure out what the network address and the host address would be, so I want you to just exercise what we learnt. The third one that I want you to do is the following: I have given you this very simple network, and I want you to figure out how many hosts are possible in this network. Again, I think it will be a trivial exercise for you, given that you are now masters of IP addressing based on the previous lecture.

With that, I am going to go into the File Transfer Protocol, which is the main topic of today. In this lecture we will be learning about what FTP is, why we need FTP, and then how we control FTP: essentially, what commands we can use in an FTP session, how to initiate an FTP session, how to end an FTP session, things like that. Then we will also discuss the configuration of a Linux FTP server, some basic understanding of controlling the permission commands in the configuration of the Linux FTP server, and then some administrative tools. Again, I do not want to emphasize the back end, the administrative aspects, too much, but I still want you to understand what the stated challenges are, so that at least you are aware of what is going on when something is asked of you.

So let us look at what FTP is. FTP, the File Transfer Protocol, is the way to copy large files, and I am emphasizing large files, through the network into another system. These can be connected in a LAN configuration; these are the terms that we learned in lecture one. So based on that we
can transfer it. It is different from remote copy, which is another way to copy a file, because remote copy explicitly opens a direct communication link between the computers and then tries to copy the file over for whatever duration the copy needs to take. FTP is all done through the network rather than relying on a direct connection between two computers, which is very difficult to establish.

So let us see how we can control FTP. The first thing that we want to do is to initiate an FTP session. To initiate an FTP session, we simply type ftp followed by the FTP server's IP address. The FTP server could be a special server on the network, or it could be any other machine which is able to receive the FTP request. Again, you see that the command is of the same form that we learned in probably lecture one, when we learned the Linux basics, which is the command followed by an argument. Here the argument is the FTP server's IP address. You can also look for any kind of options available for FTP. There are new versions of FTP also available, things like SFTP, which is more like a secured FTP, which encrypts the data during the transmission and then decrypts it at the tail end. That is another topic; you can look it up with man ftp and see what the different possibilities are.

Now that you have initiated an FTP session, we need to know how to control it, because once FTP is initiated, the FTP server usually asks you for authentication. The authentication is in the form of a username and password. Some FTP servers allow you to log in as an anonymous user. Think about this: you are trying to log in to a different machine just for the purpose of transferring a file over. As long as the file is secure, the remote machine
doesn't need you to have an established account, because the whole point here is that you are going to send this file, and at that point you are going to cut off all your links between you and the remote server, and then the remote server can go on doing whatever it wants to do. In that sense, you don't want to establish an identity on that remote server so that all the time it checks whether that person is there. So FTP sites do allow anonymous FTP: anybody who does not have an identity established on the remote server becomes an anonymous user.

In some of the settings you can log in as anonymous with an empty password, and then you can log in. In some cases they still want to log who the user is that is trying to FTP, so they will require some form of identification. Usually the identification is your email address, so the password that they require for anonymous access will be your email address. So you can type ftp and the FTP server name, and then it will ask you for a username. Usually it says the default is anonymous; in that case you can just click Enter and that takes anonymous as the user. Then it will say, okay, password, now give the password, and they will typically say to put your email address as your password if you are not anonymous. So then you just type in the email address and click Enter, and immediately the prompt will change. The prompt becomes ftp>, so now you know that you are in the middle of the FTP session.

Now let us see, once we have started the session, how we proceed from that point. There are several commands that are available. You can think of FTP as very similar to your shell. In a shell we just have the greater-than symbol; with FTP you will see ftp and then the greater-than symbol, which gives you a kind of command interpreter window. So let us see what commands
that we can type in. Again, this command interpreter is a very limited subset of the Linux shell, so the number of commands that you can type is also limited.

Let us start with a command that you already know: cd, which is change directory. The only difference between what you knew earlier and this time is that when you type cd, it changes the directory on the remote side, so it is no longer changing the directory on your side. In fact, when you log in to an FTP site, wherever you started, the current home directory will still be preserved. Say you are in your home directory, /home/XYZ, and then you started the FTP server: your local directory is still pointing to /home/XYZ, whereas the remote directory goes to some place, typically just the slash, which is the root directory. From there you can do a cd to move to any other directory, and cd .. will again go back up one level, but now on the remote server and not in the current directory. pwd, the other command that you are very familiar with, prints the present working directory; again it points to the present working directory of the remote server as opposed to your side. And ls likewise: all these commands work on the remote server but not on your side. So even if you type ls, you cannot see any of your files in the current directory; it will display the files from the FTP site, the remote site.

So then what can we do? Now you know that you can change the directory from the root to /a on the remote server. Assume that you are still in /home/XYZ and you want to transfer a file called PQR into the remote directory /a. So you did cd to /a, then you did a pwd and it prints /a, and then you do an ls and it lists nothing; basically there are no files in that directory on the server. Now you need to copy your PQR into that directory. So the way that we do it
is using the following commands. The transfer commands are shown here. These typically start with specifying one of two options, either binary or ascii. binary tells the FTP tool to assume that the file we are going to transfer is in a binary format; if you type ascii, then it knows that it needs to transmit in ASCII format. The difference here is that even though the data may be very similar, ones and zeros, the binary format will require some special handling, in the sense that you have to make sure that the checksum is the same and things like that, whereas with ASCII there is some leniency. So the first thing that you do, based on what kind of file PQR is, is set one of these: type either binary or ascii. Let us assume that PQR is a binary file, so we type binary. As a short form you can just type bin, the short form for binary.

Now that you have indicated to the FTP server that the file you want to transfer is going to be binary, how do we transfer it? If you just say put followed by PQR, then this PQR from the current directory, which is /home/XYZ, will be transferred over to /a, which is on the remote server. Fairly easy. You can also do get: the get command will get a file from the remote server back to your local PQR. Here again get is the same thing: get followed by the file name, and then the file comes from there to your site.

The next command is the change mode command, chmod. It is very similar to the command that we saw earlier in a previous slide; here the chmod command changes the file permission on the remote server as opposed to your machine. DEL is used to delete a specific file on the remote server, so this is another command that is used to remove one of the files that you copied. And finally the bye command will end your FTP session and bring you back to the
original form.

So now we understand how the transfer works, and it is fairly easy to understand how the transfer happens. But now there is another question. We are originally in /home/XYZ, which is my home directory, but PQR, instead of being in my /home/XYZ, is in a different directory: it is in /home/XYZ/na. How do we go to that particular local directory, given that we have already started the FTP session? Let us look at some of the local access commands. lcd is a command that changes the directory on the local PC. If you type lcd followed by, say, na, it will take you from /home/XYZ to /home/XYZ/na, and lcd .. will again go back one level up, which is /home/XYZ. lpwd will print out your current directory on your local PC. So we can now transfer.

Now what if we have multiple files and we need to copy all the files to the server? FTP provides some shortcut commands: mput, which copies multiple files using a wildcard. Here the wildcard that is specified is the asterisk, which stands for pretty much all the files on the local PC. So all the files on the local PC will be taken and dropped onto the server with mput *. mget also copies multiple files, from the server to the local PC. Again the usage is fairly simple: mget *.

Now that we understand the basics of the FTP protocol, let us look at some of the challenges from the point of view of the system administrator. The first thing is to configure the FTP server. The commands listed here are how we can configure the FTP server so that we can fine-tune some of the access rights available to the users. One such command is ftpaccess, which will set the access from the /etc file. This is actually in the ftpaccess CPL file, which is a simple file which can
actually use, which you can use to deny or accept certain hosts from which you can receive or send FTP requests, actually, usually receive FTP requests. So ftpaccess lets you allow or deny, and also specify more specific operations like read-only, write-only, and then the user-only, group-only kind of permissions that limit the FTP access for a particular group or a particular ID that tries to FTP. You can also use this command to control the access at the directory level: you can use ftpaccess to specify, for a given directory or given file, what the access rights should be.

Then the other commands are ftpconversions, ftphosts, and the transfer log, which is xferlog. In a Red Hat installation the users can find these files in /etc, and the last one, the transfer log, in /var/log. As I mentioned, ftpaccess will be a L file, which tells the users which files are accessible, which directs to put various files into those directories. ftpconversions can be used to change a particular file into various things; for example, you can compress the file, you can visit the file, things like that. And you can also use ftphosts: which particular type of host, or which host, can receive the FTP messages is decided and stored in ftphosts.

So with these files you can control who is connecting to your machine, when they can connect, and where they can connect, and we saw that using the ftpaccess file you can also limit what they can access. In that way the FTP file is the most significant, because it contains the configuration options, and if you misconfigure
those files, that can also cause a denial of service. Some of the viruses, you can think of it, can probably change the ftpaccess file so that it causes a denial of service. Again, the FTP protocol is supposed to be very secure, in the sense that it's not that easy to get into the systems. So even though you may think that this can be easily affected, number one, FTP access is used in a very specific situation where you want a large file transfer, and the second thing is that it's already secure, so you won't be able to make any kind of changes to the ftpaccess files.

So the ftpaccess file is the primary means of controlling who can access the server; this we saw already. The ability to control user access is a critical component in fine-tuning the anonymous FTP server. We talked about the anonymous FTP server in the previous section: it is essentially the FTP server where you can log in as an anonymous person and do the transfer that way.

Now let's look at some more details regarding how we do this FTP access. Again, we talked about user access. The way that we want to control the access is by defining a class, essentially the class of users. So one is the class command itself, which defines the class of users who can access the FTP server. There is also the autogroup command, which provides tighter control of anonymous users. It does this by automatically assigning them certain group permissions, so when they log in you can say, okay, treat them the same as my X group, so that they inherit all the permissions that are available to the X group users. And then the limit command enables one to control the number of users according to the class and time of day. So if they belong to a certain class, you can also say that, okay, for this time
of day I want only 10 users who can do it. This is usually limited by the hardware availability: how many ports a user can open on a machine will limit the number of people who can access the machine directly at the same time.

Let us look at some more commands for controlling user access. The deny command specifically tells which users or which hosts to deny; again, you can limit them by their IP addresses. And the loginfails command enables one to disconnect the clients after they have reached a predetermined number of failed login attempts. Typically, by default this number is five. There is this website which has a lot of FAQs; I also find that some of the IBM sites are interesting and have a lot more information.

So again, to recap, FTP access is limited through this FTP access control file, which usually we keep under /etc/ftpaccess of TPL. We may be able to access this and try to find out what the entries in that file are. The entries are usually these commands we talked about in the last three slides. The commands usually are allow, deny, read-only, write-only, read-write, user-only, group-only, and then there are a few other commands as well that we saw earlier. The syntax for the ftpaccess command file is a keyword followed by the value, usually on one line: the keyword followed by value, value, value. So you can specify allow and then host1, host2, host3, where those hosts are the IP addresses of the various hosts. You can also say read-only and then give the directory name, so that those directories are kept read-only, and then you can also say user-only. And there are other commands, Harold and MOTD. These things essentially, like, I
mean, you can specify. And the way that you can control whether a particular user can be given a group permission is that you can use the user-only command, and that has all the user names, and then you can specifically say group-only and then the group. For the anonymous user, you can also specify anonymous in user-only. The username you can usually get from /etc/passwd. I gave you an exercise, I think last week, to use this /etc/passwd; I hope you did the exercise and found out what is inside /etc/passwd, which could give you more insight into what the user names are. The group names similarly are stored in /etc/group. So you can see that all these different access-level items are stored in /etc, which is under the root directory.

Now let us move on and look at how we can control the permissions. We have some more commands. One is delete, which tells the server whether the FTP clients are authorized to delete files that reside on the server. Again, these are other commands which we can put in, so that it explicitly tells whether the users may be able to delete some files. Then you can also have overwrite, which controls whether the FTP clients can upload files and replace what is already there in the system. Then we have other commands also, for example the path-filter command, which essentially enforces restrictions on the file names that can be uploaded. So if somebody names some file with a file name with an extension, those are the other things that we can control using the path-filter command. We can allow only certain files: if you know that, okay, the virus file contains the extension yes, then let us ban that file so that we can
filter only the files which do not have that extension. The upload command determines the client's permission for placing a file in a specific directory.

Let us see some more administrative commands. One is ftpshut; this is the FTP server shutdown procedure, so it is useful when running the FTP server all the time. ftpwho displays the active FTP users in the system. ftpshut provides an automated shutdown, so that you can quickly disconnect the FTP server and take it offline. It creates a control file in the same /etc area, called /etc/shutmsg, which is the shut message. This particular command has various arguments as well as options, so I will ask you to take a look at it when there is a chance.

There are a few more commands which I will briefly talk about. One is ftpdctl. This is more like a control program for professional file transfer protocol, and this control program is used to control the daemon when it is running, so that is another one that you can use. ftpcount is another one; this gives just the current number of connections for each of the FTP sites. It shows the number of connections for the server and also for the virtual hosts and anonymous configurations as defined in the configuration file. Again, please look at this website to get more information regarding these commands. The other one is ftptop, which displays the current status of the FTP sessions. It is very similar to the top command that we learned in the beginning lectures: it also continuously updates until you press Q to quit. Then there are other commands: ftpquota, which is to manage the quota, that is, how much our user can pay, and ftpscrub is another one, which removes the scoreboard file for the professional FTP command. So
as I mentioned, the FTP program can have multiple flavors: the SFTP that I mentioned, just the regular FTP, and there is also something called WS_FTP. WS_FTP is more of a GUI-based system where it shows both the local system and the remote system, and you can use the GUI to navigate to various levels. Other FTP clients are very similar. You can think of plain FTP as the basic one, which does not have any UI, and all these others are fancier and will have the UI that is shown here.

So I think we have come to the end of this lecture. This should give you a good overview of FTP. We started by looking at FTP and at how we can do a file transfer. Mainly we studied how to initiate the transfer through the ftp command, and then how we use various commands like cd and pwd to look at what is there on the remote side. Then we also studied how to transfer the files using the put and get commands, and we also did ASCII versus binary. Then we talked about how to navigate in the local context, which is lcd. If you are using one of the newer GUI-based FTP clients like WS_FTP, you do not need to know those commands, because you can easily move from one directory to the other using the GUI itself.

Then we went into some of the administrative stuff. Mainly we looked at the four files that are used for controlling the access of FTP, and we learned more details regarding the ftpaccess file itself: how we write it, how we code things in so that it can give permission to certain users, allow certain people, deny certain ones, and also change the group permission for an unknown user. Then we also learned about various FTP commands from the administrator's perspective and how they can use them. One thing that we noticed was that all these various files are retained in the /etc area, which is very common for
Linux, to easily find these files and work on them. Finally we looked at the newer FTP clients like WS_FTP, which simplify a lot of things in a simple form.

So I think that is pretty much it for today. We will take it up from this point in the next lecture. Thank you very much for listening.
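
The access-control directives named in the lecture (class, limit, loginfails, delete, overwrite, path-filter, upload) can be checked mechanically. The following is an added example, not part of the lecture or of any FTP server's own tooling: a small auditor that flags settings leaving anonymous users too much room. It assumes wu-ftpd style ftpaccess syntax (whitespace-separated directive and arguments, with delete and overwrite permitted unless explicitly denied); both configurations, their class names and their file paths are constructed for illustration.

```python
DEFAULT_LOGINFAILS = 5  # default value quoted in the lecture

# Constructed weak configuration; addresses are documentation ranges.
SAMPLE_FTPACCESS = """\
class      local  real,guest  192.0.2.*
class      anon   anonymous   *
autogroup  ftpanon  anon
limit      local  10  Any  /etc/msgs/msg.toomany
deny       198.51.100.*  /etc/msgs/msg.deny
loginfails 20
delete     no   guest
overwrite  no   anonymous,guest
upload     /home/ftp  /incoming  yes  ftp  ftp  0666  nodirs
"""

# The same file with each weak setting corrected (also constructed).
HARDENED_FTPACCESS = """\
class      local  real,guest  192.0.2.*
class      anon   anonymous   *
autogroup  ftpanon  anon
limit      local  10  Any  /etc/msgs/msg.toomany
limit      anon   5   Any  /etc/msgs/msg.toomany
deny       198.51.100.*  /etc/msgs/msg.deny
loginfails 3
delete     no   anonymous,guest
overwrite  no   anonymous,guest
path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9_.]*$ ^[.] ^-
upload     /home/ftp  /incoming  yes  ftp  ftp  0600  nodirs
"""


def parse(text):
    """Yield (line_number, keyword, args) for every directive line."""
    for number, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if line and not line.startswith("#"):
            keyword, *args = line.split()
            yield number, keyword.lower(), args


def check_upload(number, args):
    """Return a finding if an allowed upload creates files others can access."""
    verdict = next((i for i, a in enumerate(args) if a in ("yes", "no")), None)
    if verdict is None or args[verdict] == "no" or len(args) <= verdict + 3:
        return None
    mode = args[verdict + 3]  # assumed layout: yes|no, owner, group, mode
    if set(mode) <= set("01234567") and int(mode, 8) & 0o007:
        return f"line {number}: uploaded files get mode {mode}, open to others"
    return None


def audit(text):
    """Return findings for settings that give anonymous users too much room."""
    findings, anon_classes, limited, filtered = [], set(), set(), set()
    denied = {"delete": set(), "overwrite": set()}
    for number, keyword, args in parse(text):
        if keyword == "class" and len(args) >= 3 and "anonymous" in args[1].split(","):
            anon_classes.add(args[0])
        elif keyword == "limit" and args:
            limited.add(args[0])
        elif keyword in denied and len(args) >= 2 and args[0] == "no":
            denied[keyword].update(args[1].split(","))
        elif keyword == "path-filter" and args:
            filtered.update(args[0].split(","))
        elif keyword == "loginfails" and args and args[0].isdigit():
            if int(args[0]) > DEFAULT_LOGINFAILS:
                findings.append(f"line {number}: loginfails {args[0]} exceeds {DEFAULT_LOGINFAILS}")
        elif keyword == "upload":
            problem = check_upload(number, args)
            if problem:
                findings.append(problem)
    for keyword, types in denied.items():
        if "anonymous" not in types:
            findings.append(f"{keyword}: not denied for anonymous users")
    if "anonymous" not in filtered:
        findings.append("path-filter: no filename filter for anonymous users")
    for name in sorted(anon_classes - limited):
        findings.append(f"limit: anonymous class {name!r} has no connection limit")
    return findings
```

Calling audit(SAMPLE_FTPACCESS) returns five findings, while audit(HARDENED_FTPACCESS) returns an empty list.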