SSH/VPN and FTP: How do I use them?

Discussion in 'Mac Apps and Mac App Store' started by dingdongbubble, Jul 27, 2007.

  1. macrumors 6502a

    Jun 1, 2007
    OK I am not an expert in computers so please dont thik that I am an idiot.

    What is SSH and VPN? How can I use them? Do they take a lot of bandiwdth? Are they hard to configure?

    FTP: What is its primary use? Where do people most often use it? Can I transfer using an FTP client across a LAN or over the internet to some friend?
  2. thread starter macrumors 6502a

    Jun 1, 2007
    Anyone? I dont like using Yousendit for big files. Can an fTP do the same?
  3. Aea
    macrumors 6502a


    May 23, 2007
    Denver, Colorado
    SSH - Secure Shell to Remote Server (Typically 'Nix)
    VPN - Virtual Private Network - Connecting to a remote location as if it was locally accessible (check me on this, not sure)

    FTP - File Transfer Protocol - Typically used to transfer files from one location to another...

    Use depends, SSH is as easy as typing ssh ip -p port into terminal, but actually being able to use a shell depends on the target system and takes experience.

    Most of these protocols are bandwidth efficient that it depends on the files you're transferring, the overhead is small, but transferring a 1GB file will use up 1GBs of bandwidth.

    You can use FTP for that purpose, but one of you will need to establish an FTP server on your machine.

    Your questions seem to be all over the place, so you probably have another idea in mind (such as transferring files to a friend), so in that case it might be better to ask that directly :)
  4. thread starter macrumors 6502a

    Jun 1, 2007
    Thanks Whats a Shell?:eek:

    And VPN sounds darn good. My Dads IT folks use VCN. Can I use VPN to access my Mac from my mobile phone?

    Finally is setting up a FTP server a hard and technical thing like using command line and knowing jargon? Are there no 'easy to use' FTP programs out there so lets say I want to send a file to a friend, I go to the program, it automatically and easily creates an ftp server, I give a link to m friend and using another ftp program he downloads the file?
  5. thread starter macrumors 6502a

    Jun 1, 2007
    OK I got CrossFTP Server. Will it be ok for basic FTP across the internet?
  6. macrumors 68020


    Jan 3, 2006
    I use Fugu for secure (encrypted) FTP and I like it quite a bit. I don't know about yours, but probably it is OK.

    SFTP is a good option to transfer files from one computer to another, but it may be a bit complicated to do it between your home computer and your friends computer in another home. Not that the software is complicated to use, but you need to know IP address of your friends computer. Kind of like, you need to know the phone number before you can call that person. Home internet connections unfortunately do not have fixed, easy to track numbers, so it takes a bit of work to figure it out. Your ISP, let's say Comcast or Verizon, assigns your home a number, but that number may change over time. Besides, most people use routers and wireless base stations that assign additional sets of numbers to the computers inside the house and may not make those numbers visible from the outside for security reasons.
  7. thread starter macrumors 6502a

    Jun 1, 2007
    Ok folks I am trying to setup and FTP at home. It works on my LAN but how can I make it work from WAN? Should my FTP client try access the WAN IP? And I am behind a router so the thing gets split up onto the LAN. Now I went to my router config and forwarded (or something) FTP port 21 onto my server computers LAN IP. Is this correct?

    I am trying to setup a Windows XP as the server. Should I use Passive or Active mode?
  8. thread starter macrumors 6502a

    Jun 1, 2007
    OK when I try to use another computer on the LAN to access the FTP via WAN, it gives me a 530 error Invalid User. What should I do. I ahve configured my FTP server to allow anonymous access.
  9. macrumors 603


    Oct 2, 2006
    The Land of Hope and Glory
    Please try and explain exactly what is that you are trying to do. At the moment I am confused, first of all you said that you want to be able to access your friends machine via FTP and now you seem to be configuring an FTP server.
  10. thread starter macrumors 6502a

    Jun 1, 2007
    I am trying to make an FTP server so that I can easily transfer files with friends.

    Latest update:
    I tried accessing the FTP from another computer via WAN. I had to put in my routers admin password for it to stop showing me the error 530 invalid user. But once I do that, nothing comes up as though I am in an empty folder (I am accessing using Win XP Home). But when I use the same PC to access the FTP via LAN, it works properly.

    An idea as to whats going on?
  11. macrumors member

    May 22, 2007
    If you are using a windows machine...

    then I would use Filezilla for your ftp server. It is very easy to configure, and you can give discrete users different access to different folders on your drive based on group or individual. As far as setting it up through the router, you will need at least port 21 open and passed through to the xp machine, and you might be able to just turn on UPNP on you router to take care of the rest. That might even work with the port 21 thing. Port 21 is the negotiation port, the transfers actually happen on a higher port.
  12. macrumors 603


    Apr 29, 2005
    San Francisco
    So CrossFTP is a Java based FTP server? Yikes, sounds like doing it the hardway, or rather not the way I'd do it.

    Get Filezilla like suggested above ^^^. Keep note of the port it is using default:14147.
    Put in a password. And start the server.

    Now go to the Users and make some accounts, add passwords for them, and then setup some Shared Folders.

    From the WAN you can have people connect to your world IP and the correct port (make sure this port is forwarded by your router to the server computer). And you should be able to see whatever folders you've shared at this point.
  13. thread starter macrumors 6502a

    Jun 1, 2007
    Ok this is what I did:

    Made a DynDNS account.
    Configured my router to update my DynDNS account with the latest WAN IP address
    Forwarded port 21 to my static LAN IP address running the FTP server
    Configured my FTP server.
    Successfully used an FTP client connected to the server via LAN using anonymous user
    tried accessing the DYNDNS host name using HTTP and got to my router's browser based configuration page (lol)
    i typed in ftp:// then my DynDNS hostname says invalid user.
    I tried putting user name as admin which is my routers administrator username
    it asked for password, i put in the routers password

    this is what I get (attached screenshot).
    it looks like there is nothing.

    I am using NAPT as my address translation. NAPT is Network Access Port Translation. If I put NAT, only one computer can access the internet.

    Is somethi9ng wrong with my DynDNS? I can show u a screenshot.

    Attached Files:

    • ftp.JPG
      File size:
      80.7 KB
  14. thread starter macrumors 6502a

    Jun 1, 2007
  15. Moderator emeritus


    Oct 21, 2003
    Portland, OR
    For starters, FTP is incredibly insecure. All usernames and password are sent in cleartext. But since you're using it, make sure you chroot people into their own accounts.

    In order to make this work, you have to open up the requisite ports on your router and point them to your Mac. Ports 20 and 21 need to be opened and clients need to use active FTP.
  16. macrumors 68040

    Mar 24, 2006
    Nottingham, UK
    what type of files are you trying to share?

    music? documents?

    you could always find free hosting and upload your files to the server, put a password on the directory so only authorized users can access the files..

    IMO much easier for what you are trying to achieve
  17. thread starter macrumors 6502a

    Jun 1, 2007
    Well there is an assortment of file types. I dont think uploading 50-60 GB of files would be a good idea. and I am doing this so transfers between people are easier. Uploading all that while not being sure that my friends will ever require certain files is stupid for me.

    Opening/Forwarding port 20 did not help. The point over ehrer is that my FTP server is fine and all that. Problem over here is I think because I am behind a router and my computers IP is hidden or inaccessible from the WAN.
  18. Moderator emeritus


    Oct 21, 2003
    Portland, OR
    Your Router must have ports 20 & 21 open and port forwarded to your machine that is hosting the FTP server. And then, the clients MUST use active FTP to connect. Passive won't work. Most FTP clients use passive by default.

    Use netstat -n to ensure that your ftp service is functional. Make sure your software firewall is off as well.
  19. macrumors regular

    Dec 11, 2006
    Read this link, it's a nice summary of active vs. passive ftp, which as yellow stated is why it's not working for you.

    EDIT: Should also note, a far better solution would be SecureFTP (SFTP), which would solve a lot of your problems by only needing to forward port 22, not to mention being a lot more secure. Just set up a guest account and give all your friends the username and password. Much simpler from the port-forwarding perspective and more secure...
  20. Moderator emeritus


    Oct 21, 2003
    Portland, OR
    Agreed, SFTP is much more secure.

    But you cannot chroot an SFTP account, right?
  21. macrumors regular

    Dec 11, 2006
    Dunno, I'm a Cisco guy, not an SA; but just reading the thread, I don't think he'll be setting up a chroot environment in the near term -- possibly down the line, but not in the near term. :)
  22. macrumors regular

    May 19, 2007
    I would recommend that you turn off anonymous FTP on the server as it will allow anyone to connect as anonymous and depending on the FTP server software, all it may log is the IP address of the connecting machine.
  23. thread starter macrumors 6502a

    Jun 1, 2007
    For SFTP, do I need a new server software or do I just need to add a password?
  24. Moderator emeritus


    Oct 21, 2003
    Portland, OR
    Just turn on "Remote Access" and you can then SFTP to your heart's content.

Share This Page