User Tools

Site Tools


6.2-Services FTP – File Transfer Protocol

Using the Drop Down Navigation Menu on the top of the page, below the XigmaNAS logo, click “SERVICES” then select “FTP”. On this page you can enable or disable the FTP service, configure FTP, and manage FTP modules. XigmaNAS uses ProFTPD, a highly configurable GPL-licensed FTP server.

While CIFS and NFS are file system protocols, which means that whole file systems can be shared on the network and other computers can use those file systems as if they were attached locally, FTP (File Transfer Protocol) is more limited in that it is designed just for the transfer of files from one computer or server to another computer.

If you have a Linux machine that needs access to XigmaNAS, it’s another protocol that can be used. If you wish to permit FTP access to the XigmaNAS Storage Drive/s you can Enable the FTP Service.

Warming - Traditional FTP is rather insecure. When you login, your username and password are transmitted in clear text, raising the possibility of your credentials being 'sniffed' by a malicious person. Fortunately there's an easy answer to this. You can quite easily configure your FTP server to use OpenSSL encryption, so that username & password, and even data files, are encrypted during transfer. It takes just a few simple steps:
  • Configure FTP in XigmaNAS for SFTP, and use Filezilla or similar for Secure Transfers. Read Secure SFTP Configuration for details
  • Configure FTP in XigmaNAS for FTPES, and use Filezilla or similar software for Secure Transfers. Read Secure FTPES Configuration for details

File Transfer Protocol

Click the “ENABLE” box in the upper right corner to disable or enable the service as desired.

TCP Port: The default port for normal transfers is 21. If you will use secure transfers you will be changing to port 22.

Do not forget to setup proper port forwarding in your network/wifi router!

Number of Clients: The Maximum number of simultaneous clients that can connect.

Maximum Connections per IP: The Maximum number of connections per IP address. (0=unlimited)

Maximum Login Attempts: The Maximum number of allowed password attempts before being disconnected.

Timeout: The Maximum idle time (in seconds) before disconnection.

Permit Root Login: Specifies whether connecting user is allowed to login as Superuser (root) directly.

Important - Use this option with care, as it can be a security risk.

Anonymous Users Only: Enables users to login anonymously.

Local Users Only: Enables local users ( those you create on the server ) to login and disables anonymous logins.

Banner: Greeting banner displayed by FTP when a connection is first made.

Advanced Settings

Create Mask: Use this option to set a new default file creation mask (077 is the initial default)

Directory Mask: Use this option to set a new default directory creation mask (022 is the initial default)

FXP: Enables FXP Protocol. FXP allows transfers between two remote servers without any file data going to the clients asking for the transfer.

Important - Use this option with care, as it can be a security risk.

Resume: Allows clients to resume interrupted uploads and downloads.

Default Root: If enabled, a chroot operation is performed immediately after client authentication. This can be used to isolate the client from a portion of the host system filespace.

Ident Protocol: When a client initially connects to a server the ident protocol is used to attempt to identify the remote username.

Reverse DNS Lookup: Enables reverse DNS lookup on the remote host's IP address for incoming active mode data connections and outgoing passive mode data connections.

Masquerade Address: Causes the server to display the network information for the specified IP address or DNS hostname to the client, on the assumption that the IP address or DNS host is acting as a NAT gateway or port forwarder for the server.

Passive Ports:

  • Minimum: The minimum port to allocate for PASV data connection. (0 = use any)
  • Maximum: The maximum port to allocate for PASV data connection. (0 = use any)

Local User Bandwidth:

  • Upload: Local user upload bandwidth in K/B/s. (Empty = infinity)
  • Download: Local user download bandwidth in K/B/s. (Empty = infinity)

SSL/TLS: Enables or disables TLS/SSL Connections. From series SSL has been removed and TLS is the only option.

Certificate: X.509 Certificate will be inserted here in .PEM format.

Private Key: RSA Private Key will be inserted here in .PEM format.

TLS Only: ONLY allow TLS connections, nothing else.

Auxiliary Parameters: See the ProFTPD documentation for these Parameters.

Save the Configuration settings:

  1. Make sure there is a check mark in the “ENABLE” box at the top right of the page.
  2. Click the “SAVE & RESTART” Button.

The FTP service should now be running, you should test to make sure that everything is working properly. Brief test procedures are in SUG Section 2.6.2 (NEED TO BE ADDED)

documentation/setup_and_user_guide/ftp-file_transfer_protocol.txt · Last modified: 2018/10/01 23:04 by zoon01