beta_ftp_man.html

**** BetaFTPD 0.0.pre17-pup-4 for puppy linux ****

Overview:

BetaFTPD is a single-threaded FTP daemon. The single-threaded-ness makes it faster than most other FTP daemons (contrary to common belief), and makes it extremely light on memory. Although it lacks a few functions (which you probably won't miss). Version 0.0.18pre17 is more stable than the latest official release (0.0.7)

Homepage: http://betaftpd.sourceforge.net/

Original by Steinar H. Gunderson <sgunderson@bigfoot.com>

Port to puppy linux, download-only mode and Control Center by papaschtroumpf.

Use of *any* FTP Server can present a security risk if your computer is

open to the Internet. Use at your own risk.

Usage:

(if you are new to FTP, you may want to scroll down to the "Why an FTP Server?" tutorial section below)

The original BetaFTPD has no command line options. To keep the program small, all options were built-in at compile time. This modified version has one optional command line argument to restrict anonymous ftp to download only, and one to restrict FTP access to each users' home directory. In its simplest form, just run the betaftpd executable to start the server. It will run as a daemon and run in the background. Puppy linux includes a BetaFTPD Control Center available in the menu for most Windows Managers (under Networking). You can also start the control center manually by running the betaftpd-cc script.

The BetaFTPD Control Center allows you to:

see the current server status

start / stop the server

enable / disable Anonymous FTP access

change full or download-only Anonymous access

enable / disable logging of file transfers

view this help file

You can access the shared directories with any FTP client or most modern browsers (Windows Explorer, Firefox, ...), most of them through drag and drop. The file transfer log is in /var/log/xferlog and is in the following format:

date xfer_time peer_address xfer_size filename b _ iN/oUT a owner ftp 0 *

The BetaFTPD Control Center

Shared directories:

All user can have access to their own home directory by logging in with their puppy linux username and password. Note the following limitations however:

for security reasons root cannot log in as an FTP user

for security reasons users with a blank password cannot log in

for security reasons the special user "ftp" does not have shell access

If you create a user for FTP access only, it is recommended that you don't grant that user shell access for improved security. This can be done by passing the -s /usr/bin/deny_sh option to add user as follows:

adduser -h /root/ftphomes/user -r /usr/bin/deny_sh user

In addition to user directories, the home directory of special user "ftp" is shared to all anonymous users. That "ftp" user can be activated through the Control Center. Upload is allowed in all shared directories, allowing two way transfer of files. However the Control Center has an option to disallow upload/delete for anonymous users. For added security, users only have FTP access to their own home directory.

Note that betaftpd support a "non-root" mode, and you may find references to it if you look for it on the Internet. Support for it is somewhat experimental and has been disabled in the Puppy build. The Control Center requires that the FTP server be run by the root user.

Why an FTP server?

FTP is one of the oldest and most common ways for transferring files over the Internet. An FTP client connects to a server and can request and sometimes upload files to the server. There are many kinds of FTP clients. Some are command line base, requiring you to know shell-like FTP commands, others have a nice graphical interface, others are "transparent": you drag and drop files between a browser and a local folder without knowing that you are actually doing an FTP transfer. Internet Explorer in Windows and Konqueror on linux have very good drag and drop FTP implementations.

You need a user and password to log into an FTP server, however some servers have a "special" user called "anonymous" that doesn't have a password. The server will prompt you for a password but you can enter anything, although net etiquette often dictates that you should enter your email address. BetaFTPD can be used in a variety of ways:

1) User specific access:

For example you want to share files with a friend halfway across the world, but those files are too big to email: you can create an account for your friend on your puppy machine as follows:

adduser -h /root/friend friend

You will be prompted for a password for user "friend" (you could call him Bob, Mom or Fido), and when the process completes, you will have a /root/friend directory. Put the files that you intend to share with him in that directory. Start BetaFTPD (or more precisely the Control Center) from the start menu and click "Start FTP server". If you don't want anonymous access (see below) make sure that you click on the "Disable Anon" button.

Your friend can then type "ftp://xxx.xxx.xxx.xxx" in his browser or his favorite FTP client, where xxx.xxx.xxx.xxx is the Internet address of your computer and log in with the user name "friend" and the password you assigned to it. (If you are behind a broadband router you will need to configure it to allow port 21 and possibly forward it to the puppy machine. How to do this is outside of the scope of this document).

(Added note-if you are running a firewall in Puppy you will also have to set it to allow incoming and outgoing on Port 21. There are good instructions for doing this on the forum)

Note that your friend can also upload files to /root/friend. Unless you want your friend to have shell access also, it is recommended that you create the account with the -r /usr/sbin.deny_sh (see "Shared Directories")

2) Access for everyone

Let's say that you're a budding music composer, or artist or programmer and want to share the fruit of your labor with the rest of the world: you can't create a user account for every person in the world! What you need to do is allow anonymous access to your server: simply click "Enable Anon". A new window appears prompting you for the password for the anonymous (or "ftp") user. Once the user is created, the files in /root/ftp will be shared to anyone that cares to look! The BetaFTPD offers to open a rox window to let you see the contents of that folder, just in case you want to check.

Pay close attention to the status of the anonymous access shown in the Control Center: if it says "FULL Anonymous FTP access is available for /root/ftp" it means that not only anyone can log in and download your files, but anyone can also log in and upload whatever they feel like. This is dangerous! you could end up unknowingly hosting pornographic or copyrighted material placed there by one of the anonymous users for other anonymous users to retrieve. What you want to do to prevent this (believe me, you do) is change anonymous access to only allow downloading by pressing the "Download-only" button. You may even want to press the "Enable Log" button to get a log of each transfer in and out of your machine. Press the "View Xfer log" button to see the log. The first line shows you what its format is (or see "Usage" above).

3) LAN file transfer

The examples above assume that you can and are willing to share part of your computer over the Internet. There is one safer application that is quite useful:

Since just about every operating system has an FTP client, you can use FTP to transfer files between multiple computers with different operating systems on your home network. This is when allowing "full access" for anonymous users is OK: some clients can be configured to automatically attempt anonymous access and you won't be prompted for a user name or password (the "transparent" clients like Konqueror and Windows Explorer work that way). You can then drag and drop files in and out of the "repository" in /root/ftp on your puppy machine. If the other machines on your network are mostly windows machines, you may want to look at using Samba, the windows "network neighbourhood" protocol, for example using LinNeighbourhood which is also available for puppy.

Under the hood:

For puppy linux, BetaFTPD was compiled with the following options:

enable-upload so that you can upload files to the server

enable-xferlog to provide a log of all transfers. If the log file doesn't exist when the program is started, it will not log anything. That's what is used in the Control Center to enable and disable logging.

enable-fork the server runs silently in the background, "daemon-style"

enable-shadow to support user passwords

In addition the code was modified to add the -restrict option to disallow anonymous uploads/deletes. Another option, -contain, was added to restrict user navigation to their home directories instead of full machine access as in the original server.

These commands are believed to be fully compliant with RFC959 and RFC1123:

PORT, PASV, USER, PASS, CWD, CDUP, QUIT, DELE*, PWD, SYST, NOOP, STOR*, APPE*, ABOR, RNFR*, RNTO*, MKD*, RMD*, ALLO*, REIN, ACCT, HELP, STAT and MODE.

The * denotes a command that is disabled when -restrict is used.

These commands are not implemented at all: SMNT, STOU and SITE.