FTP connection refused

[142536789]

I was trying to open an FTP connection with my RPi and it immediately refused my request:

Code: Select all

C:\Users\Stephen>ftp
ftp> open 192.168.0.6
> ftp: connect :Connection refused
ftp> open 192.168.0.6:1024
Unknown host 192.168.0.6:1024.
ftp> open 192.168.0.6
> ftp: connect :Connection refused
ftp>

192.168.0.6 is the RPi's IP on my home network. Does anyone know why? Is there a specific port I'm supposed to use to connect it?

[Hove]

Have you installed an FTP server on your Raspberry Pi?

Code: Select all

sudo apt-get install ftpd

That's all I had to do to access my Pi from other machines.

[DougieLawson]

Have you installed an FTP server on your Raspberry Pi?

Code: Select all

sudo apt-get install ftpd

That's all I had to do to access my Pi from other machines.

Don't do that. It is a MASSIVE security exposure.
If you can ssh to your pi (because you've got sshd running) then you can use SFTP. WinSCP and Filezilla work with that.

[rpdom]

You shouldn't need to specify a port. 19 and 21 are allocated to ftp be default.

Have you installed an ftp server on your Pi? I don't think one is included in the standard builds, and would need to be installed manually.

The message you are getting is exactly what you would get if there wasn't an ftp server running.

However, ftp transmits everything in plain/unencrypted form, is is considered unsafe. It'd work, but it is a bad habit to rely on it when there are secure ways of doing things instead, like scp and sftp.

[DougieLawson]

You shouldn't need to specify a port. 19 and 21 are allocated to ftp be default.

FTP is port 20 (data) & 21 (control).
http://tools.ietf.org/html/rfc959

The complete lack of security is explained here.
http://tools.ietf.org/html/rfc2577

[Hove]

Don't do that. It is a MASSIVE security exposure.

FTP security may not be a concern in the OP's case. The OP is looking to connect from his home windows machine to his home Raspberry Pi, probably on the same internal LAN / WAP. The OP's internet hub will protect his RPi from incoming FTP client requests from the internet. Obviously, if the RPi ever leaves the firewall protection of his home network, then yes, FTP use could be disastrous.

I use FTP to a local encrypted WAP with no internet access, so again, minimal security risk as long as the WiFi encryption is solid.

So I think the fear of god "MASSIVE security exposure" needs some more explanation, rather than expressing it as a blanket rule.

[DougieLawson]

The level of security awareness of RPi users is dismal in the extreme.

Folks put their RPis in their router's DMZs without thinking.
The default user has a well know password (how many folks change that).
The default user is a sudoer.
The solution to any security problem is normally "run that as sudo, it will work".

So I'll continue highlighting exposures that aren't needed because in this case there's a better way to do it.

The full PuTTY package includes sftp and scp. There's plenty of GUI "FTP" clients that support sftp. So we should encourage the newbies to run that way rather than suggesting that they open more holes in their swiss cheese.

[rpdom]

Um, yes. Port 20 and 21. Not 19 (I checked first in /etc/services, dunno how I got that wrong!)

[Joe Schmoe]

Re: Security.

This is a classic: You can't have it both ways. We want the Pi to be as easy to use as Windows. Therefore, it will be used by people who are used to using Windows. I.e., people who don't worry about security.

Basically, the whole concept of "security" is over-rated. Every time you install an "app" on a "smartphone" or whatever; every time you click on "Install" on a Windows PC. Every time you do either of these, you are throwing any concept of "security" to the four corners. You're telling the author of whatever you're installing that you trust them implicitly - to do whatever they want on your system. Think about that the next time you install an app (or click on "Install"). But don't think about it too long; it'll just harsh your buzz to do so.

The era of "security" is over. Get used to it.

[Hove]

The level of security awareness of RPi users is dismal in the extreme.

Fair enough - without knowing the experience of the person considering adding an FTP server to their RPi, I agree it's definitely the safest response to just set the blanket rule and suggest secure solutions to avoid avoiding noobies letting the internet into their home network.

[croston]

I agree with @DougieLawson on security concerns. Security concerns aside, why would you waste RPi system resources on an extra FTP server when you have sftp running by default? FTP is an old way of doing things and we should be teaching good practice. After all the RPi is there for education. The main reason for using FTP on a RPi is that you don't know any better.

[DougieLawson]

Basically, the whole concept of "security" is over-rated. Every time you install an "app" on a "smartphone" or whatever; every time you click on "Install" on a Windows PC. Every time you do either of these, you are throwing any concept of "security" to the four corners. You're telling the author of whatever you're installing that you trust them implicitly - to do whatever they want on your system. Think about that the next time you install an app (or click on "Install"). But don't think about it too long; it'll just harsh your buzz to do so.

The era of "security" is over. Get used to it.

You are so wrong. I don't install apps on my phone or tablet without reading and understanding what privileges it needs and why it needs those. If they don't meet my level of security I'll not install something, I'll find an alternative or live with it.

I cancelled my Facebook account because I lost all faith in Facebook.com's security policies.

[Joe Schmoe]

You are so wrong. I don't install apps on my phone or tablet without reading and understanding what privileges it needs and why it needs those. If they don't meet my level of security I'll not install something, I'll find an alternative or live with it.

I am not wrong. But what I don't get is why you seem to take my posts so personally.

We are not talking about you or me. We know better.
We are talking about the great unwashed, including the (hypothetical) newbies who generate traffic on support boards (such as this one).

They are the ones who are just scrolling to the bottom and clicking "I accept".

I changed my sig, just for you...

I cancelled my Facebook account because I lost all faith in Facebook.com's security policies.

You were ever on Facebook???? OMYGOD!

==============================================================

To most Christians, the Bible is like a software license. Nobody
actually reads it. They just scroll to the bottom and click "I agree."

- author unknown -