Overclock.net › Forums › Software, Programming and Coding › Networking & Security › FTP over SSL as a Windows Drive program
New Posts  All Forums:Forum Nav:

FTP over SSL as a Windows Drive program

post #1 of 6
Thread Starter 
Hi all,

Dunno if this is the right section but, as the title says, Im setting up a home server for the first time and slowly getting things working.
Ive setup Pure-FTPD with enforced SSL.

Now in the Windows Clients I wanted something that would show up as a normal drive and would work with SSL since the normal windows support doesnt work that I know off.

What free programs you guys know/recommend me??

Features such as video playing is a bonus.

I tried DirectNet Drive but has some issues, doesnt seem to support UTF-8 (Im portuguese) so a lot of file names get messed up and when I send something to the server some applications loose internet access such as Spotify.

Waiting for suggestions,
Thanks,
Ralms.
post #2 of 6
My advice is don't bother. FTPS is a kludgy mess to begin with (expect a world of hurt if both clients and server are behind firewalling and/or NATing) and running a local file system over FTP would just be painful because of the antiquated specifications of the protocol.

In fact I'd go further and say there's no good reason for FTP on the modern internet - what-so-ever. In my opinion FTP needs to die.

Anyway, going back to your question: In instances like this you either want SFTP (sshfs) as that's a modern transfer protocol which runs over an SSH tunnel. But unfortunately sshfs tends to be a bit more fiddly in Windows than it is in Linux / OS X. The other, and probably best solution in this instance, is using bog standard SMB (ie Windows file and printer sharing) over a VPN tunnel.

Both sshfs and VPN would preserve Unicode (FTP would be fiddly because technically it's a plain text protocol) and support video streaming (FTP might not because AFAIK you can't seek to random points in a file via FTP - but I've never attempted to do so either).

Edit:

The other option is to use SMB locally but Plex or Subsonic for remote streaming and Pydio or ownCloud for Dropbox-like functionality (this is the approach I take when sshfs isn't an option). However this is considerably more work to set up than VPN. The upside is that you can stream your music from your server in a Spotify-like interface; so you can listen to music on your phone, work PC or where ever and not have to worry about mounting network file systems.
Edited by Plan9 - 12/11/14 at 5:49am
post #3 of 6
Thread Starter 
Hi there,

Thank you for your reply. While I was waiting for people to reply I was getting to that.
Plex is almost a must since I need a DNLA/UPnP service locally for the living room tv/blueray player.
And Im not using SFTP as everyone thinks, Im using normal FTP over SSL/PLS, its not perfect by any means but works for now. I decided to keep it up so I can access stuff outside my home atm while I study and understand VPNs more.

I installed Smb and having it as a server in ubuntu seems to be a lot faster than windows to windows lol although it doesnt make sence in my mind due to Microsoft being the creator lol. But windows xD

Its working ok, its fast, just have to figure out permissions and manage to do account/etc due to needing 1 access per person for privacy.

I wonder, what is your setup??

Thanks,
Ralms.

P.S.: It is possible to do video playback from a FTP drive but very very few programs can do it, DirectNet Drive can do it and pretty good on my opinion, I can play video directly and I can time seek or jump instantly. I notice that what he does is having multiple downloads of the same file, like in blocks. And if I jump in the time bar he starts a new connection. Works though.
post #4 of 6
Quote:
Originally Posted by Ralm View Post

Hi there,

And Im not using SFTP as everyone thinks, Im using normal FTP over SSL/PLS, its not perfect by any means but works for now.
I know you're not using SFTP and I know what FTPS is. If re-read my post you'll see the first couple of paragraphs were ranting about the evils of FTPS, and then afterwards I was recommending SFTP.

Have you used sshfs? If not, you should try it. It's awesome. ad hoc network shares are literally as simple as SSHing onto your server. smile.gif
Quote:
Originally Posted by Ralm View Post

I installed Smb and having it as a server in ubuntu seems to be a lot faster than windows to windows lol although it doesnt make sence in my mind due to Microsoft being the creator lol. But windows xD
SMB is an IBM invention smile.gif It was created for OS/2

Anyhow, if you're connecting Linux to Linux then I'd recommend NFS or sshfs over SMB. NFS for performance and sshfs for convenience.
Quote:
Originally Posted by Ralm View Post

Its working ok, its fast, just have to figure out permissions and manage to do account/etc due to needing 1 access per person for privacy.
The easiest way is to have one system user per SMB share and have them mapped 1:1 (eg for every system user account, do smbpasswd too). The set your create mask in samba to be 600 (which means only the owners of that file can read or write to it).
Quote:
Originally Posted by Ralm View Post

I wonder, what is your setup??
FreeBSD on a mirrored ZFS pool for the OS and a 6 disk ZFS raid + SSD cache disk. On that I have 6 Jails (in no particular order)
  1. SSH sandbox (so I can SSH in from the outside world. This acts like an airlock to help prevent hackers from taking down my whole server should they manage to brute force their way in)
  2. web stack (Apache et al)
  3. download handers (this jail runs any daemons that connect to the WAN to download content, eg from Youtube or seeding Linux ISOs)
  4. Subsonic (Subsonic is a bit like Plex, but more music orientated. However it does do video too)
  5. DNS (i run my own internal DNS server which blocks ad banners, tracking URLs and known dodgy domains - so it means any device connected to my network is covered)
  6. misc dev environment (this doesn't really do much other than provide me with a sandboxed environment to SSH into if I want to do any development / compiling / whatever and not worry about shutting down my laptop at night. I don't tend to use it much to be honest)

Software / protocol wise
  • I do run Plex, but that's on a separate box (an Intel NUC) since this server is just an old AMD desktop PC so starting to creak a bit these days.
  • I tend to just use Subsonic to listen to music / watch videos when I'm away from home, and sshfs for whenever I want file system access (as my work PC and laptops all run ArchLinux).
  • But I do have some web-based cloud solutions for sharing files as well: I run Pydio for the cloud functions, and ownCloud for auto uploading of images and videos from my phone right after I shoot them.
  • I don't bother with VPN, I just create ad hoc tunnels via SSH (eg "ssh -d 4321" to create a SOCKS tunnel to hide HTTP(S) traffic from hotel firewalls etc)
  • On my LAN I run Samba for the extremely rare occasion someone has a Windows laptop they want to connect to my server,
  • and NFS to connect all my media centres / HTPCs (eg the Plex NUC) with the server
  • I also have a bunch of bespoke stuff I'd written for convenience

Lastly, all of my internet facing daemons are protected with fail2ban, which monitors log files and then auto blacklists any IP that's spotted doing something suspicious (eg brute force attacking sshd / any of my passworded websites).

I think that's the gist of my set up. It's a little bit complicated in places but it's actually pretty easy to manage smile.gif
post #5 of 6
Thread Starter 
Quote:
Originally Posted by Plan9 View Post


FreeBSD on a mirrored ZFS pool for the OS and a 6 disk ZFS raid + SSD cache disk. On that I have 6 Jails (in no particular order)
  1. SSH sandbox (so I can SSH in from the outside world. This acts like an airlock to help prevent hackers from taking down my whole server should they manage to brute force their way in)
  2. web stack (Apache et al)
  3. download handers (this jail runs any daemons that connect to the WAN to download content, eg from Youtube or seeding Linux ISOs)
  4. Subsonic (Subsonic is a bit like Plex, but more music orientated. However it does do video too)
  5. DNS (i run my own internal DNS server which blocks ad banners, tracking URLs and known dodgy domains - so it means any device connected to my network is covered)
  6. misc dev environment (this doesn't really do much other than provide me with a sandboxed environment to SSH into if I want to do any development / compiling / whatever and not worry about shutting down my laptop at night. I don't tend to use it much to be honest)

Software / protocol wise
  • I do run Plex, but that's on a separate box (an Intel NUC) since this server is just an old AMD desktop PC so starting to creak a bit these days.
  • I tend to just use Subsonic to listen to music / watch videos when I'm away from home, and sshfs for whenever I want file system access (as my work PC and laptops all run ArchLinux).
  • But I do have some web-based cloud solutions for sharing files as well: I run Pydio for the cloud functions, and ownCloud for auto uploading of images and videos from my phone right after I shoot them.
  • I don't bother with VPN, I just create ad hoc tunnels via SSH (eg "ssh -d 4321" to create a SOCKS tunnel to hide HTTP(S) traffic from hotel firewalls etc)
  • On my LAN I run Samba for the extremely rare occasion someone has a Windows laptop they want to connect to my server,
  • and NFS to connect all my media centres / HTPCs (eg the Plex NUC) with the server
  • I also have a bunch of bespoke stuff I'd written for convenience

Lastly, all of my internet facing daemons are protected with fail2ban, which monitors log files and then auto blacklists any IP that's spotted doing something suspicious (eg brute force attacking sshd / any of my passworded websites).

I think that's the gist of my set up. It's a little bit complicated in places but it's actually pretty easy to manage smile.gif

Pretty interesting. that actually helped on some notions I dont have yet. Such as Jails, although I dont know if that is possible to do in ubuntu server.

Most likely after I get to understand all this better, I might just format the server and start over again due to so many trial and error due to different tutorials.

Thanks for the help.
post #6 of 6
Linux has a few options for OS containers, but I'd suggest LXC is probably your best option as the other solutions require custom kernels.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › FTP over SSL as a Windows Drive program