Using FTP Clients

The FTP protocol allows users to connect to a server, read directories and filenames, and download and upload data. If the correct access rights are set, users can also create new folders and set access permissions on them.

However, using FTP poses a security risk: Usernames and passwords are transmitted unencrypted across a LAN or the Internet. To stop users from taking the risk of giving their authentication details to anyone listening on the wire, many sites enable only anonymous FTP login and file retrieval. Many Linux users have turned to more secure alternatives, such as sshd and sftp or scp, included with the OpenSSH suite. The following sections discuss the different types of newer and traditional interfaces to FTP and their usage. Because they are part of the larger OpenSSH collection, the sftp and scp commands are covered in Chapter 19, "Remote Access with SSH and Telnet."

The FTP Client Interface

Using the text-based FTP interface helps you understand what each action in a graphical FTP session does. This understanding can be handy when, for example, the graphic client does not automatically detect the file type being transferred. In this situation, a binary file is transferred as an ASCII file and is therefore useless. Conversely, an ASCII file transferred as a binary prints the ^M control character at the end of each line. This error typically occurs when transferring files from older Microsoft Windows operating systems to Linux because the Windows FTP client defaulted to ASCII, not binary transfers.

Using the Text-Based FTP Client Interface

Some of the following common commands may be used in a typical FTP session:

• ascii Sets an ASCII file transfer type for the FTP session. You use this command before file transfers when sending or receiving text files.

• bin Sets a binary file-type transfer for the FTP session. Use it before file transfers to send or receive binary files such as graphics images or compressed archives.

• close Closes a connection to a remote server during an FTP session. Use this command instead of quit or bye to return to the ftp command prompt.

• get Initiates a transfer of a single file from the FTP server to the user's local machine. Use this command to retrieve a single file (such as get cartoon.jpg).

• hash Sets use of a hash mark (#) during file transfer. Use this command to get a visual indication of the progress of a transfer.

• mget Initiates a transfer of multiple files from the FTP server to the user's local machine. Use this command to download (receive) multiple files with a single command (such as mget *.jpg).

• mput Initiates a transfer of multiple files from the user's local machine to the FTP server. Use this command to upload (send) multiple files with a single command (such as mput *.jpg).

• open Opens a connection to a remote server using an IP address or hostname. Use this command when working at the ftp command prompt (such as open ftp.redhat.com).

• prompt Is an interactive command that asks the user for input on whether to get a specific file when the mput or mget command is issued. If the user initiates an mget *, with prompting on, the FTP client prompts the user to transfer each file that the * wildcard matches. This can be particularly useful when several files in a directory need to be transferred, with one or two files that are unwanted. By default, prompting is turned on.

• put Initiates the transfer of a single file from the user's local machine to the FTP server. Use this command to upload (send) a single file (such as put inventory.doc).

• quit Use this command to close the FTP connection and quit the ftp command.

These are just some of the commands available during an FTP session. By typing help, the user can see a full list of valid commands. Typing help command-name displays a brief description of what that command does. Listing 24.1 shows the help output.

Listing 24.1. The Commands Listed by help in an FTP Session

Commands may be abbreviated. Commands are: !               cr             mdir           proxy           send $               delete         mget           sendport        site account         debug          mkdir          put             size append          dir            mls            pwd             status ascii           disconnect     mode           quit            struct bell            form           modtime        quote           system binary          get            mput           recv            sunique bye             glob           newer          reget           tenex case            hash           nmap           rstatus         trace ccc             help           nlist          rhelp           type cd              idle           ntrans         rename          user cdup            image          open           reset           umask chmod           lcd            passive        restart         verbose clear           ls             private        rmdir           ? close           macdef         prompt         runique cprotect        mdelete        protect        safe

A Typical FTP Session Using the ftp Command

Connecting to a remote FTP server can require a username and password, but many servers also provide anonymous access. A properly configured remote FTP server responds quickly to FTP requests, and displays shared directories and files. This section shows a sample FTP session with a typical server found at many Internet sites (in this case, running the wu-ftpd server).

You connect to a remote FTP server by using the ftp command along with either the IP address or hostname of the remote computer, like so:

$ ftp pheniox Connected to pheniox. 220 pheniox FTP server (Version wu-2.6.1-18) ready. Name (pheniox:tdc): anonymous 331 Guest login ok, send your complete e-mail address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp>

In this example, ftp is used to connect and then log in using anonymous access. This is done by entering the word anonymous at the Name prompt. After you press Enter, a password prompt is displayed. When using anonymous access, it is considered good form to enter your email address as a courtesy. There is no validation of the address entered, but many FTP servers are configured to accept only a valid email address form (that is, user@somewhere.com) if any text is typed at the prompt.

Tip

Many FTP servers accept a simple press of the Enter key at the password prompt if accessed anonymously.

Now that a connection has been established and authenticated to the server, you can set up your FTP session to work the way you want it to. As mentioned in the previous section, the ftp command has many different built-in commands, which you can view by typing a question mark at the ftp> prompt. These commands can affect the session display, set the type of file transfer, or obtain information about the remote server.

ftp> hash Hash mark printing on (1024 bytes/hash mark). ftp> prompt Interactive mode off. ftp> bin 200 Type set to I.

In this example, you have told ftp to print a hash (#) character for every 1024 bytes that are transferred, turn off prompting, and set the transfer type to binary (which should be on by default). The hash character display provides a visual indicator of the progress of your downloads and uploads. Turning off prompting allows you to send and retrieve multiple files without the need to confirm each transfer. Setting the transfer type to binary ensures that binary files are transferred in the proper format instead of text, which means that executable files and pictures transfer correctly.

Next, you ask the server to show a listing of what directories and files are available on the server:

ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for directory listing. total 32 d--x--x--x   2 root     root         4096 Aug 31 07:15 bin d--x--x--x   2 root     root         4096 Aug 31 07:15 etc d--x--x--x   2 root     root         4096 Aug 31 04:44 lib d--x-x---x   2 root     50           4096 Sep 3 07:34 pub 226 Transfer complete.

If directory permissions in the FTP repository are set correctly, the pub directory should be the only directory that shows any files under it. To verify this, change directories to etc and list the contents:

ftp> cd etc 250 CWD command successful. ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for directory listing. total 0 226 Transfer complete.

By setting the permissions to execute only on the directories bin, lib, and etc, a system administrator can restrict users from seeing any files in those directories. Good security dictates that remote users be denied information about a system because any information could aid in hacking attempts.

Now that you see the server is relatively secure, change directories to pub and list its contents:

ftp> cd pub 250-Please read the file README 250-  it was last modified on Sun Sep 2 19:25:47 2001 - 1 day ago 250 CWD command successful. ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for directory listing. total 552 -rw-r--r--   1 root     50            100 Sep  2 19:25 README -rw-r--r--   1 root     50              8 Sep  3 07:33 configuration -rw-r--r--   1 root     50              8 Sep  3 07:33 temp.txt -rw-r--r--   1 root     50          15798 Sep  3 10:29 tftp-0.17-14.i386.rpm -rw-r--r--   1 root     50          26011 Sep  3 10:30 tftp- server-0.17-14.i386.rpm -rw-r--r--   1 root     50         219332 Sep  3 10:29 wu-ftpd- 2.6.1-22.i386.rpm226 Transfer complete.

To transfer all the RPM files to your local machine, issue the mget *.rpm command:

ftp> mget *.rpm local: tftp-0.17-14.i386.rpm remote: tftp-0.17-14.i386.rpm 200 PORT command successful. 150 Opening BINARY mode data connection for tftp-0.17-14.i386.rpm (15798 bytes).############### 226 Transfer complete. 15798 bytes received in 0.974 secs (16 Kbytes/sec) local: tftp-server-0.17-14.i386.rpm remote: tftp-server-0.17- 14.i386.rpm 200 PORT command successful. 150 Opening BINARY mode data connection for tftp-server-0.17- 14.i386.rpm (26011 bytes). ######################### 226 Transfer complete. 26011 bytes received in 2.5 secs (10 Kbytes/sec) local: wu-ftpd-2.6.1-22.i386.rpm remote: wu-ftpd-2.6.1- 22.i386.rpm 200 PORT command successful. 150 Opening BINARY mode data connection for wu-ftpd-2.6.1- 22.i386.rpm (219332 bytes). ################################################################# ################################################################# ################################################################# ################### 226 Transfer complete. 219332 bytes received in 50.3 secs (4.3 Kbytes/sec)

As described before, the mget command transferred all files with the .rpm extension to our local machine. Furthermore, it did not prompt us to confirm each file because we turned off prompting. The ftp client printed a # for each 1024 bytes transferred to our machine. This is helpful when transferring over a slow connection because you get a visual reminder that your connection is still active.

Tip

After every action, the FTP server returns a status code and brief message showing the result of the command you issued. You can find a listing of all status codes and their corresponding messages in Request for Comments 959; you can access a copy of this listing at http://www.ietf.org/rfc/rfc959.txt.

Now you are finished with this session; you can issue the command quit or bye to end the session. The FTP server informs you of how many bytes your session transfers, how many files, and the total transferred data (in bytes) between your local machine and the server.

ftp> bye 221-You have transferred 503818 bytes in 5 files. 221-Total traffic for this session was 506422 bytes in 7 transfers. 221 Thank you for using the FTP service on pheniox.

This is a simple example, but average FTP sessions are similarly trivial. Several other commands are available during an FTP session, but they are rarely used. FTP has the capability to take scripted input and define macros that allow for a much more complicated session.

Tip

The FTP info pages are much like the man (manual) pages shipped with almost every command in Linux. More detailed information may be found in the command's source code package.

Using the lftp Command for File Transfers

The lftp command can be used for file transfers using FTP, HTTP, and various secure protocols such as HTTPS and HFTP if a remote proxy is enabled. Two great features of this command are the ability to restart a stalled download in the middle of a file transfer, as well as to start and run multiple downloads in a single session (with job control).

For example, here is a simple session showing an HTTP retrieval from a remote computer running the Apache web server:

$ lftp http://192.168.2.37 cd ok, cwd=/ lftp 192.168.2.37:/> ls -rw-r--r--  --  manual/mod/core.html -rw-r--r--  --  manual/index.html -rw-r--r--  --  icons/apache_pb.gif -rw-r--r--  --  poweredby.png lftp 192.168.2.37:/> get poweredby.png 1154 bytes transferred lftp 192.168.2.37:/> bye

The lftp command can also be used as a traditional FTP client, but with some interesting features:

$ lftp 192.168.2.67 -u phudson Password: lftp phudson@192.168.2.67:~> cd /d2/isos/redhat/limbo cd ok, cwd=/d2/isos/redhat/limbo lftp phudson@192.168.2.67:/d2/isos/redhat/limbo> mget disc1 & [0] mget *disc1* & lftp phudson@192.168.2.67:/d2/isos/redhat/limbo> jobs [0] mget *disc1*          'limbo-i386-disc1.iso' at 56436448 (8%) 1.08M/s eta:9m [Receiving data] lftp phudson@192.168.2.67:/d2/isos/redhat/limbo> bye [1843] Moving to background to complete transfers... $ ps aux | fgrep lftp phudson     1843  7.6  1.0  5456 2404 ?        S    19:09   0:02 lftp 192.168.2.67

A username (and password) can be passed on the command line using the -u option. You can use this feature to reduce the amount of interactive typing required when retrieving remote files, as an aid when using lftp in shell scripts, and when retrieving files with lftp as a background process.

By using an ampersand (&), the retrieval is conducted in the background, as shown in the preceding example. The jobs command is used to show current transfers. If a user logs out of the session (using the bye command), the file transfer continues as a background process if it has not completed. (This is verified by using the ps command.)

The lftp client has many additional features that can make the job of transferring files easier than using other FTP clients.

Note

Another handy text-based file transfer utility included with Fedora is curl, which supports HTTP for file retrieval.

Using the wget Command for File Transfers

The wget command is used for file transfers using FTP, HTTP, and various secure protocols such as HTTPS and HFTP if a remote proxy is enabled. However, wget supports only noninteractive transfers, unlike other FTP clients. This is actually a feature because wget can be used to download files as a background process and to recursively replicate remote file directories. The command also supports download completion of partially downloaded files, which can save a lot of time during periods of intermittent connectivity or broken connections.

For example, here is a simple invocation showing FTP retrieval from a remote computer using wget and an FTP URL:

$ wget ftp://phudson:mypasswd@stinky/mp3/* --13:13:28- -  ftp://phudson:*password*@stinky/mp3/*            => '.listing' Resolving stinky... done. Connecting to stinky[192.168.2.33]:21... connected. Logging in as phudson ... Logged in! ==> SYST ... done.    ==> PWD ... done. ==> TYPE I ... done.  ==> CWD /home/paul/mp3 ... done. ==> PORT ... done.    ==> LIST ... done.     [ <=>                                 ] 648         632.81K/s 13:13:28 (632.81 KB/s) - '.listing' saved [648] Removed '.listing'. --13:13:28- -  ftp://phudson:*password*@stinky/mp3/C31821-01A.mp3            => 'C31821-01A.mp3' ==> CWD not required. ==> PORT ... done.    ==> RETR C31821-01A.mp3 ... done. Length: 5,172,089 60% [=====================>               ] 3,123,680     264.80K/s    ETA 00:07

In this example, the user retrieves all files in a directory named mp3 (under /home/paul) on the remote host named stinky. The wget command first retrieves a directory listing, and then proceeds to download the specified files (all marked with * in this example). Note that you can specify a username and password (mypasswd in the example) on the command. This generally is not a good idea. A better, but still not really secure, approach is to save the password in a file named .wgetrc in your home directory. See the wget man page for more information, or check the only documentation at http://www.gnu.org/software/wget/manual/wget-1.8.1/html_mono/wget.html.

Tip

Another popular use for wget is downloading complete copies of websites for offline reading, although it is not very friendly toward website owners who have to pay for all the bandwidth!

To download an entire site, you need to specify the --mirror, --convert-links, and -p parameters, followed by the URL of the site to download. The first parameter tells wget to download all the pages and pictures from the site, following links as it can. The second tells it to rewrite the HTML so that it works when browsed locally. The last parameter, -p, tells wget to download all the files referenced in the HTML, such as sounds, CSS files, and other related documents. You might also want to specify the -w parameter, which allows you to specify a number of seconds between individual wget requests; this stops your download from overloading the web server.

So, the complete command to download a website (for example, www.example.com) would be wget --mirror --convert-links -p -w 2 http://www.example.com/.

Using Graphical FTP Clients

Many graphical FTP clients are available for Linux. Fedora includes the graphical gFTP client and network-aware browsers included with GNOME and KDE. These browsers feature built-in drag-and-drop capability, thus ensuring FTP functionality. Other graphical interface clients that can be used for FTP include the Mozilla web browser, KDE's Konqueror, GNOME's Epiphany, and the Nautilus file manager.

Using the gFTP Interface

The GNOME gFTP client provides all the typical features of FTP, including the capability to save profiles of common connections. Figure 24.1 shows a typical gFTP session in action. On the left panel is the local host, and on the right panel is the remote server. A connection is initiated by typing the address of the host into the host field, a specific port if not the standard FTP port (21), a valid username for the server, and a password. After the information is entered, clicking the icon that looks like a monitor starts the connection to the server. The bottom panel displays session information, such as changing directories, as shown in Figure 24.1.

Figure 24.1. A typical gFTP session.

gFTP sets the file type as binary by default, which can be changed by clicking ASCII in the FTP drop-down menu. To upload a file to the server, the user clicks a filename in the left panel and clicks the right arrow icon. The file is then transferred to the server, and the right panel is updated to reflect this new file being added to the server. Similarly, to download a file from the server, the user selects the correct file type from the drop-down menu, selects the file to be downloaded, and clicks the left arrow icon. The left panel is then updated to show the result of the transfer, with logging information shown in the bottom panel.

After all files are uploaded or downloaded, you must close the session. Do this by clicking the red button on the top right of the application window to issue the quit command. gFTP displays the session summary information in the log panel at the bottom of the application. You can also close the session simply by exiting gFTP.

FTP Sessions with Konqueror and Nautilus

Both KDE and GNOME file browsers have integrated FTP functionality built in. Use an ftp:// URL followed by a server name or IP address to start an anonymous FTP session. The drag-and-drop feature of KDE and the GNOME window manager allows users to select remote files and drag them to the desktop.

KDE's Konqueror web browser is capable of handling a number of networking and file transfer protocols, including FTP. You can configure various settings for this browser, such as the appearance of the browser's toolbar, but one of Konqueror's best features is its flexibility for file transfers.

Start the browser by clicking its icon on the KDE's kicker desktop panel or by typing the following at the command line:

$ konqueror &

After launching the client, you can use the ftp:// URL form to access remote servers, as shown in Figure 24.2.

Figure 24.2. KDE's Konqueror web browser can access remote FTP servers.

If your window manager does not support drag and drop, you can use Konqueror's Copy Files feature to retrieve a file. First, you type in an FTP URL (such as ftp://ftp.tux.org). Next, navigate to a desired directory and click to select a desired file. You then click the Edit menu's Copy Files menu item (or press F7). A Save dialog appears, and you can select your home directory to save the file. After you press Enter, a file download progress dialog is displayed while the file is being retrieved.

You can also use the Nautilus browser to retrieve files from a remote server. Figure 24.3 shows an anonymous login to a remote FTP server using Nautilus. Browse to a remote FTP server by going to the File menu, and then selecting Connect to Server (Public FTP is the default server type). Simply click to select a file, select Copy from the Edit menu (or press Ctrl+C), click to go to your home directory (using the icon in the Nautilus toolbar), and then click Paste (or press Ctrl+V) to retrieve and save the file.

Figure 24.3. The Nautilus file browser can be used for FTP sessions.

These types of intuitive features can shield users from needing to know the details of how FTP works or memorizing various commands.