How to convert FTP server to secure SFTP on Amazon EC2 - amazon-ec2

I have FTP server on Amazon EC2 which I can access by giving this URL: ftp.websitename.com:4522
after that username and password to accessing the files from this location.
Now I want to convert into secure FTP like if I will give sftp.websitename.com:4522 then it will ask me for username and password and allow me to login into the application.
First of all is this possible?
I tried below instructions for installing vsftd1 vsftd2 but didn't help me.
after doing the changes into this two link I tried to login through WinSCP and selected file protocol as SFTP and typed ftp.websitename.com, in port number 4522 and given username and password but didn't allowed me to log in.
edit 1 :
i have my amazon ec2 instance in centos 64bit.
someone else set-up the ftp connection and now i am taking forward from that point,i will get all the details and will try to modify my question in more specific way.

You didn't specify, what OS are you running. But from a reference to vsftpd, I assume some *nix flavor. You didn't specify, what FTP server you have running, and how did you set it up. Your question is pretty vague. But I'll try to give some hints.
The vsftpd is an FTP server only. It does not support the SFTP. It supports the FTPS (FTP over TLS) though. Do not get confused by its name. While the vsftpd stands for "very secure FTP daemon", it just means, it aims to implement FTP securely, not that it implements the SFTP".
Note that virtually all *nix servers come with an SSH/SFTP server built-in (OpenSSH). It runs on port 22.
For instructions how to connect to the EC2 SFTP server with WinSCP, see (my) guide:
Connecting Securely to Amazon EC2 Server with SFTP.
Also make sure you understand the difference between the SFTP and the FTPS.

Related

Error: "Failed to retrieve directory listing" when connecting to EC2 server with FTP

I currently have a problem accessing the sites I had pre-configured on my Filezila. The only changes I recently made was adding a secure private key to access my EC2 instance through SFTP.
There are a number of sites that I can no longer access but before I could access
I have checked with another developer who has FTP access to the sites and he has no issue.
I get this error, see below, but it is not for all sites?
I tried deleting that SFTP key but that didn't seem to make any difference.
Any ideas?
You are connecting with the FTP protocol to EC2 with FileZilla.
SSH/SFTP key has nothing to do with the FTP protocol.
Moreover you are connected and authenticated already to the FTP server at the point you get the error.
The problem you are facing is a misconfigured firewall or NAT between you and the server that prevents the client to open data transfer connection to the FTP server.
See (my) article about FTP connection modes for details.
Though I guess the real problem is that you used to use the SFTP before and now you switched to the FTP by mistake.
It's actually not typical to connect to EC2 with the FTP. Linux EC2 servers do not have the FTP by default. Unless that is a Windows server (on the other hand, in that case it won't have SSH/SFTP by default).
For explanation how to connect to Linux EC2 server with the SFTP see (my) article Connecting Securely to Amazon EC2 Server with SFTP.

Can you use FTP with Google Compute?

Hey I'm just wondering if there is a way to setup a regular FTP server on Google Compute. SFTP works, but I'm migrating from a physical server to google, and already have 100's of regular FTP users. I would rather not have to get them all to switch to SFTP if I don't have to. (I would like to do that long-term, but I don't want to break all of their connections when I migrate.)
Yes, you can use FTP. You must
Install an FTP server
Open port 21 & a range of higher ports, eg 49152-65534.
Configure the FTP server to use the port range from (2) for Passive FTP
Configure the FTP server for your users/destinations.
That said FTP is a very insecure protocol. Migrating to SFTP is very important for your users' security.

Transfer Files To VPS Using FTP

I Just Got A Free VPS From Upcloud.com
It has VNC Preinstalled, 2 GB Ram, 1 Core Cpu.
I Just Installed PHP and mySQL.
My Vps Ip
http://83.136.252.156/
How do I upload with ftp files to:
/var/www
?
Nooooo!
Don't use that protocol left over from the 70th! It is a nightmare for all firewall administrators.
Use the ssh server instead which you undoubtedly already used for other purposes:
the ssh server offers sub protocols, namely scp and sftp.
You can use sftp from the command line, many modern ftp clients also support this more advanced protocol too. And you don't have to install and configure an additional ftp server which can be painful. And you get strong encryption of your credentials as well.
There are many manuals out there in the internet.
Create yourself a key (much more safe and convenient than using passwords) and go!
upload your files through ftp client called 'Filezilla' or if you have upload facility through control panel itself then well upload from their itself. Create FTP from your control panel and Download filezilla and install it locally on your system and upload by connecting to your server using following details like Host, Username, Password and Port.
But i suggest not to go with free hosting services where they are used one and would have changes to spam access more. Anyhow if your looking for some best and cheap vps hosting services than will suggest for my datacenter provider, which is TRIJIT.

Accessing FTP Server using a specific IP Address

I want to access a FTP Server, that is firewall protected meaning only IP addresses that have been added to the safe list may access the FTP file.
And The IP address of my website has been added to the safe list of the firewall.
I am using Filezilla to connect to it, but it is not allowing me to connect to the FTP server since my PC has a different IP.
Please suggest me a way to connect to the FTP server.
Thanks In advance....
If you can ssh/telnet into your host, then you could use the command line ftp.
Another option is to use a web-based ftp client that is installed on your web server (such as http://www.phpwebftp.com/ if you have PHP).
Run an ftp client on the allowed server; or, persuade the ftp admin to add your PC's IP address to the whitelist, and ensure and/or pray that it doesn't change (maybe pay your ISP extra for a static IP); or, use a proxy on an authorized server. The first option is definitely the most painless, assuming you have shell access to your web server (and if not, what sense does it make to have it on the authorized list?)
Some popular command-line clients you might find installed on the server include ftp (sic), ncftp, curl, wget, lynx, and w3m. The last two are actually terminal-based text-only web browsers.
If you have shell access to your server, you could create a SSH-tunnel like this:
ssh user#example.org -L 21:127.0.0.1:21
then you can connect to the FTP-server using localhost:21 from your pc.
http://www.debianadmin.com/howto-use-ssh-local-and-remote-port-forwarding.html

How to install and configure FTP on amazon Ec2?

i wan to install FTP service on my amazon Ec2 window instance,
i have some questions regarding this.
which is a good FTP demon to install on EC2 service for windows on EC2 instance.
can we install FTP same as we can do on window server with window CD.
any tutorial or videos of installation and configuration FTp on Ec2 server which help we?
kindly help me in this regards. Thanks
Here you will find a great tutorial that explains also the inner workings and problems you might encounter trying to setup an ftp server on amazon EC2 instance.
It also explains why just opening port 21 on the amazon firewall will not work. The example there uses the free filezilla ftp server and client but any can be used.
http://me-ol-blog.blogspot.com/2011/03/how-to-install-ftp-server-on-amazon-aws.html
Edited (24-sep-2013):
Because the best policy practice for stackoverflow says not to rely on links, i copied the info from my blog to here:
How to install an FTP Server on amazon AWS EC2
This seems to be a big issue as people usually waste a lot of time on this.
The problem lies with 2 elements: the security group settings & the ftp server settings.
FTP is not considered a good solution for passing files between EC2 instances and your computer as it is not firewall "friendly" - you can't just open port 21/TCP on the amazon security group settings because the server is actually sitting on a NAT address and when an ftp client connects to an FTP server using PASV mode then the server tells the client which port and which address to use for the data stream (like directory listing).
If you want an alternate easy solution for transferring files between yourself and the EC2 instance then setup a dropbox on both machines - it doesn't get easier than this... :)
If you still want to set up an FTP server on your EC2 instance then read on...
Typically, people just try to open port 21 and then try to connect and get something similar to:
Status: Server sent passive reply with unroutable address. Using server address instead.
Command: MLSD
Response: 425 Can't open data connection.
The solution is (and for this example I will explain how to perform the setting on FileZilla FTP server on windows):
1. FileZilla FTP server: Edit-> settings -> Passive mode settings:
(x) Retrieve external IP from:
http://ip.filezilla-project.org/ip.php
[ this tells the ftp server to perform a 'whatismyip' and give that to the ftp client, you can also specifically put the address DNS name you use in your remote desktop in the "Use the following IP:", e.g., ec2-6-100-129-60.compute-1.amazonaws.com ]
(x) Use custom port range:
1024-1048
[ these are the ports that will be given to the ftp client - we will open them in the following step in the Firewall ]
2. Amazon security groups: open ports -
a. Custom TCP rule , Port range:21
b. Custom TCP rule, Port range:1024-1048
3. Turn off the windows firewall on the EC2 machine (you don't need it - you have the amazon firewall)
That's it, and just as side note, you don't need to use Elastic IP feature for this to work.
Also don't forget to set your client to use PASV mode (which is typically the default).
You can verify this works by reading the answer the server gives the client when it enters PASV mode:
Command: PASV
Response: 227 Entering Passive Mode (174,149,71,102,4,7)
This response means: "Yo FTP client, use 174.149.71.102 and port 4*256+7=1031"
The Windows EC2 instances are all Windows Server 2008. The easiest thing to do would be to enable the built-in FTP functionality.
See http://www.youtube.com/watch?v=QsGPqkobCs8.
Many people are suggesting to 'Turn off' the Firewall on Windows. It seems easy to get away from confused firewall configuration, but long run it's not good security practice.
Blog may help to configure the FTP step by step with IIS 7.x
http://clouditops.blogspot.in/2016/12/ftp-configuration-on-aws-iis-7x-server.html

Resources