FTP and ftp

These are some notes on the FTP protocol, and on the ftp command line client.

Active Vs Passive Mode

Two network connections are required for FTP transfers. In active mode, the client initiates a connection to the server's port 21, and the server initiates a connection back to the client's port 21. This incoming connection (from the client's point of view) is often blocked by firewalls, and/or not available in LANs that are NATed. To overcome this problem, in passive mode, the client initiates both connections to the server.

In the ftp CLI utility, the default mode is active. You can switch between modes with the passive command:

[email protected] ~ $ ftp
ftp> open ftp.zindilis.net
Name (ftp.zindilis.net:marios): 
331 Please specify the password.
Password: 
ftp> passive
Passive mode on.
ftp> passive
Passive mode off.
ftp>

There is no active command; modes are toggled with passive.

ASCII Vs Binary Transfers

There are two transfer modes, ASCII and Binary. In ASCII, files are transferred as characters, some of which (like newlines) are converted to match the operating system of the client. This works well for text files, but is almost certain to corrupt any other type of file. In binary mode, files are transferred unaltered. This helps maintain the integrity of files, but increases the possibility of text files appearing broken when transferred between different operating systems.

In the ftp CLI utility, the commands ascii and binary switch transfer modes:

[email protected] ~ $ ftp
ftp> open ftp.zindilis.net
Name (ftp.zindilis.net:marios): 
331 Please specify the password.
Password:
ftp> ascii
200 Switching to ASCII mode.
ftp> binary
200 Switching to Binary mode.
ftp>

hostname (Cisco Command)

The hostname command defines the name of the device. This is the name displayed (among other places) in the command prompt, and in the CDP neighbors list of other devices.

Example:

cisco> enable
cisco# configure terminal
cisco(config)# hostname router-5
router-5(config)#

Juniper Equivalent

The Juniper equivalent of the hostname command is:

marios@juniper# set system host-name <HOSTNAME>

set system host-name (Juniper Command)

The set system host-name command defines the name of the device, as displayed (among other places) in the command prompt. For example:

marios@juniper> configure
marios@juniper# set system host-name router-4
marios@juniper# commit
commit complete
marios@router-4#

Cisco Equivalent

The Cisco equivalent of the set system host-name command is:

cisco(config)# hostname router-5

/etc/lilo.conf

The LILO bootloader has long been deprecated in favour of GRUB, but it still has an install base on old systems that remain in production. The /etc/lilo.conf file contains its configuration. After any change to that file, LILO must be reinstalled by running lilo.

Each installed kernel version will have a line in this file, beginning with image=, followed by the path to the kernel file. For example:

image=/boot/bzImage-2.6.28

Ryzom

Ryzom is a science fiction/fantasy MMORPG, released under AGPL. It is available for Linux, Windows and Mac, and is free to play up to a certain game level.

tailf

tailf does the same thing as tail -f: it displays the last lines of a file, then follows the file as it grows and displays new lines as they are appended to it. Compared to tail -f, it uses fewer system resources, because it does not read from the disk while the file is not being updated.

enable secret

The enable secret command makes the device ask for a password to allow the user to enter the global configuration mode. Compared to enable password, it has the advantage that it stores the password in the configuration as an MD5 hash, as opposed to clear text.

RHEL

Releases

Version | Release Notes | Download
7.0 Beta | access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/html-single/7.0_Release_Notes/index.html (dead link) | ftp.redhat.com/redhat/rhel/beta/7/ (dead link)

enable password

The enable password command will make the device ask for a password to allow the user to move up to the global configuration mode. It has the disadvantage of displaying the password in clear text in the configuration. For this reason, it has been deprecated in favour of enable secret, but it still exists in Cisco IOS for compatibility with older hardware that cannot encrypt the enable password.

/etc/pam.d/

Files in /etc/pam.d/ are configurations for PAM stacks. The generic syntax of a line in those files is:

management_group control_flag module [options]

More on management_group and control_flag further in this article. The module is the name of the PAM file to be used. The options are not required, and are either generic ones or module-specific.

management_group

The value of management_group can be one of:

  • auth (for authentication)
  • account (for account management)
  • session (for session management)
  • password (for password management)

auth

The auth group is used for user authentication, and is mostly used by tools like login for CLI authentication or XDM or similar for logging in to a desktop environment.

password

The password group is used for user password management, and is most likely utilized by tools like passwd.

session

The session group manages user sessions. It may verify the existence of a user's home directory or even create it if it does not exist, it can mount partitions that are specific to a user, etc. It will also clean up the user's session after he/she has logged out.

control_flag

The value of control_flag can be one of:

  • requisite
  • required
  • optional
  • sufficient

requisite

The requisite flag makes a check necessary but not enough. This means that a requisite check must succeed for the stack to go on, but the success of the entire stack depends on further checks. In pseudocode:

IF SUCCESS:
    GOTO NEXT LINE
ELSE:
    FAIL

required

The required flag makes a check necessary for the success of the entire stack, while it allows for the execution of the next checks. In pseudocode:

IF SUCCESS:
    GOTO NEXT LINE
ELSE:
    MARK STACK AS FAILED
    GOTO NEXT LINE

sufficient

The sufficient flag makes a check stop the execution of the stack if that check succeeds, otherwise execution continues. In pseudocode:

IF SUCCESS:
    STOP STACK EXECUTION
ELSE:
    GOTO NEXT LINE

optional

The optional flag does not affect the execution of the stack, unless the check is the last one in the stack, in which case the success of the entire stack is the same as the success of the last check. In pseudocode:

IF SUCCESS:
    GOTO NEXT LINE
ELSE:
    GOTO NEXT LINE

Note that the pseudocode above does not include the exception that happens when the optional check is the last in the stack.
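
The four flag rules above, combined into one small stack simulator (an added example, not part of the original notes). The stack text and the module outcomes are constructed inputs; the handling of optional, where a failure is ignored and a success counts towards the result, is an assumption of this sketch, and pam.conf(5) has the exact rules.

```python
# Added example: simulate how control flags decide the result of a PAM stack.
# STACK and the outcome dicts passed to evaluate() are constructed inputs.

STACK = """\
# management_group control_flag module [options]
auth     requisite   pam_nologin.so
auth     sufficient  pam_unix.so      nullok
auth     required    pam_deny.so
session  optional    pam_motd.so
session  required    pam_limits.so
"""

def parse(text):
    """Yield (group, flag, module, options) for each non-comment line."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split()
        if len(line) >= 3:
            yield line[0], line[1], line[2], line[3:]

def evaluate(text, group, outcomes):
    """Return (granted, modules_run) for one management group.

    outcomes maps module name -> True (success) / False (failure).
    """
    failed = passed = False
    ran = []
    for grp, flag, module, _opts in parse(text):
        if grp != group:
            continue
        ok = outcomes[module]
        ran.append(module)
        if flag == "requisite":
            if not ok:
                return False, ran          # fail at once, skip the rest
            passed = True
        elif flag == "required":
            if ok:
                passed = True
            else:
                failed = True              # remembered, stack keeps running
        elif flag == "sufficient":
            if ok and not failed:
                return True, ran           # stop here with success
        elif flag == "optional":
            passed = passed or ok          # a failure here is ignored
        else:
            raise ValueError(f"unsupported control flag: {flag}")
    return (passed and not failed), ran
```

The second element of the result lists the modules that actually ran, which makes the difference between requisite (stops early) and required (keeps going) visible.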

About

Hello, I'm Marios Zindilis and this is my website. Opinions are my own. You can also find me on LinkedIn and GitHub.

Unless otherwise specified, content is licensed under CC0.
