ftpmd5back
Basso Marcello
ftpmd5back is Open Source Software
__________________________________________________________________
Table of Contents
Foreword
1. How it works?
2. How do I know if my ftp server implements the command XMD5?
3. Config File
4. Command line parameters
5. Security
6. Quick Starts and Howtos
Quick start command Line...
Quick start using configuration file
How to enable encryption
How to disable encryption
A. Changelog
Foreword
ftpmd5back is a tool to make a backup of a local folder to a remote ftp
server folder.
Chapter 1. How it works?
ftpmd5backup, as the name suggests, is a tool that is used to make
backups of your files to an ftp server . In order to minimize resources
necessary for this operation, a file will be uploaded only if:
* on the ftp server there is no copy of the local file
* on the ftp server there is a copy of the local file, but it is not
the same as the local version.
To determine if the remote copy (the one on the ftp server ) is
identical to the current local file, ftpmd5back perform 2 tests:
* ftpmd5back compares the size of the files ( local and remote ): if
the sizes do not match then the local file will be uploaded
* in the case that the sizes are identical, ftpmd5back will perform
the md5 test between the 2 files: only when there isn't a md5
match, the file will be uploaded
To calculate md5 on remote copy, it uses the XMD5 ftp protocol command.
This means that not all ftp servers can be used with ftpmd5back but
probably your favorite ftp server already implements this command.
Chapter 2. How do I know if my ftp server implements the command XMD5?
of course you can use your favourite ftp client but... ftpmd5back
implements a test that lets you know if an ftp server can answer to
XMD5 command, requesting directly to the server.
launching such
user@host$ ./ftpmd5back -util testftp -s ftp.remoteho
stname.it
-u ftpuser -p secret_2_login
we get a ftp test, follow the results
Host: ftp.remotehostname.it
User: ftpuser
Port: 21
MultiFolder: FALSE
Util: TESTFTP
Testing ftp server...
0 Test start
0 send login request to ftp server
1039 Logged in
1039 change to remote folder
1088 remote folder found
request ftp capabilities
214-Supported Commands : (* unimplemented)
ABOR DELE MKD PWD SIZE USER
ACCT* EPRT MODE QUIT SMNT* XMD5
ALLO EPSV NLST REIN SSCN XMKD
APPE FEAT NOOP REST STAT XPWD
CCC HELP PASS RETR STOR XRMD
CDUP LIST PASV RMD STOU XSHA1
CLNT MDTM PBSZ RNFR STRU XCRC
CPSV MFCT PORT RNTO SYST XCUP
CWD MFMT PROT SITE TYPE XDEL
SITE HELP
SITE PSWD
SITE ZONE
214 End.
EUREKA: XMD5 command is implemented by this server:
you can use ftpmd5back!
1138 send logout request to ftp server
1188 logged out!
1188 Test end
Time: 1 seconds 188 milliseconds
We can test the login to the FTP server and get, at the same time
(using the ftp HELP command), the list of commands implemented on the
server. Usually if a command is not implemented will be displayed
followed by a star ('*'). Find XMD5 (and not 'XMD5 *') means that the
command works and that we can use ftpmd5back with this server.
Chapter 3. Config File
ftpmd5back can be used both from the command line or with a
configuration file. Not all features of ftpmd5back are usable from the
command line but only the following:
* copy of a local folder (including all subfolders) on a remote
folder
Instead using the configuration file, you can:
* copy of a local folder (including all subfolders) on a remote
folder
* copy one or more files to various local folders on a remote folder
Chapter 4. Command line parameters
Usage: ftpmd5back [-util {testftp|createconf}] -s ftpserver [-t port] -u usernam
e -p password -l localfolder -r remotefolder
Parameters:
-s ftp server name or IP address
-t optional, port to connect to ftp server, if omitted default value is 21
-u user name needed to login to ftp server
-p ftp-user-password
-l local folder, source of backup
-r remote folder, destination of backup, the folder MUST exists
-e [epass], ftp-user-password (same as -p) but parameter is encrypted
(to use after "-util encryptpass")
-v verbose mode
0 - verbose disabled (errors displayed)
1 - show processed files (default)
2 - show processed files and local/remote size/time/md5
9 - debug verbose mode
-util use ftpmd5back utility
testftp - test ftp connection
createconf - creates a configuration file using other parameters
setsec - procedure to set encrypted mode
nosec - procedure to remove encryption mode
encryptpass - encrypt a string shows the result (to use as
parameter in command line)
Chapter 5. Security
Since version 0.2 was introduced the possibility of encrypt the
password for the FTP server. Security is limited to storing encrypted
password on the hard disk (the data transmitted with the ftp protocol
are not encrypted).
The level of security provided has limitations due to the fact that it
is an open source tool, therefore, by examining the sources you can
find out how to decipher the password. However, there are some
suggestions (which will be given at the end of this explanation) to
make this system highly secure.
To encrypt the FTP user password, ftpmd5back uses a symmetric-key
encryption algorithm which is Blowfish algorithm. The key
(pass-phrase-A) is supplied by you.
Since ftpmd5back will be scheduled is necessary to access this
pass-phrase-A in order to decrypt the password of the ftp server. For
this reason, your pass-phrase-A will be encrypted (again with Blowfish)
but this time, symmetric key (pass-phrase-B) will be determined at
runtime by ftpmd5back.
Your pass-phrase-A, encrypted with the pass-phrase-B, will be stored in
a file "ftpmd5back.sec" (fullpath depends by your OS). To make it more
secure.
* Schedule ftpmd5back using root account (Administrator on Windows
OS): this is the most important guarantee
* make sure that only root (Administrator on Windows OS) has access
to the file that contains your encrypted pass-phrase: this means
that you will have to manually remove permissions for read/write
access to all other users
* If you absolutely need the highest possible safety: (1) download
ftpmd5back source code, (2) download free pascal compiler, (3)
change the pass-phrase-B in the source and (4) recompile your own
release of ftpmd5back. This will encrypt in your unique way.
Chapter 6. Quick Starts and Howtos
Table of Contents
[13]Quick start command Line...
[14]Quick start using configuration file
[15]How to enable encryption
[16]How to disable encryption
Quick start command Line...
Imagine we are in the following case: we must make a copy of our Local
Folder "GEOMETRY LESSONS". Our ftp server is "ftp.remotehost.org", we
can access with user "user01" and the password is "secret_user01". On
the remote server, we have a folder dedicated to our copies:
"backup/USERNAME".
It does not matter if there are subfolders because we want to copy them
all!
... on linux
If you use Linux, the full path of the local folder to backup can be:
/home/username/Documents/GEOMETRY LESSONS
ftpmd5back is a binary file and it is installed in folder like:
/usr/bin/ftpmd5back/
then we type
/usr/bin/ftpmd5back/ftpmd5back -s ftp.remotehost.org -u user01
-p secret_user01 -l "/home/username/Documents/GEOMETRY LE
SSONS"
-r /ftp.remotehost.org/backup/USERNAME
... on Windows
If you have Windows, the full path of the local folder to backup can
be:
C:\Users\USERNAME\Documents\GEOMETRY LESSONS
ftpmd5back is a binary file and it is installed in folder like:
C:\SomePath\ftpmd5back
then we type
C:\SomePath\ftpmd5back\ftpmd5back.exe -s ftp.remotehost.org
-u user01 -p secret_user01 -l "C:\Users\USERNAME\Documents\GEO
METRY LESSONS"
-r /ftp.remotehost.org/backup/USERNAME
the output
When ftpmd5back runs, it produces an output like the following:
ftpmd5back - Release 0.2.4 beta
0000000 978 Logged into ftp
0000001 027 Backup local folder...
0000001 027 - entering local subfolder: /
0000001 076 . processing file:
/home/username/Documents/GEOMETRY LESSONS/Lesson01.pdf
0000001 545 . processing file:
/home/username/Documents/GEOMETRY LESSONS/Lesson02.pdf
0000002 339 Logged out from ftp!
0000002 339 End backup
Tip
If you need to test your parameters without execute real backups, you
can append to the command line the following parameter
-util testftp
this will executes a test avoiding backup.
Tip
If you want to see file details and other additional information you
can append to the command line the following parameter
-v 9
Quick start using configuration file
Before reading this Quickstart would be good to have understood the
previous quickstart about parameters for command line.
Currently the use from the command line sets a limit: you can backup a
local folder and all its subfolders (and nothing else!). Using the
configuration file, in addition to the local folder, you can specify
individual files .
The best way to generate a correct configuration file is to use a
utility incorporated in ftpmd5back that is activated by parameter:
-util createconf
... on linux
then we type
/usr/bin/ftpmd5back/ftpmd5back -s ftp.remotehost.org -u user01
-p secret_user01 -l "/home/username/Documents/GEOMETRY LE
SSONS"
-r /ftp.remotehost.org/backup/USERNAME -util createconf
... on Windows
then we type
C:\SomePath\ftpmd5back\ftpmd5back.exe -s ftp.remotehost.org
-u user01 -p secret_user01 -l "C:\Users\USERNAME\Documents\GEO
METRY LESSONS"
-r /ftp.remotehost.org/backup/USERNAME -util createconf
the output
During the execution ftpmd5back will ask confirmation for storing the
ftp-user-password into configuration file (you can encrypt it later).
If so we must provide it. After execution, it produces an output like
the following:
ftpmd5back - Release 0.2.4 beta
Would you like to store ftp password in ftpmd5back
configuration file (password will be encrypted) [Y, n]?
enter ftp password for user01@ftp.remotehost.org:
ftpmd5back: configuration file ./ConfigExample.conf created!
If you want to use this file, copy it in:
/etc/ftpmd5back/ftpmd5back.conf
In the current folder the file ConfigExample.conf was created. This to
prevent it going to overwrite the correct one.
This file must be copied to the appropriate location:
* if you are using a linux system, in: /
etc/ftpmd5back/ftpmd5back.conf
* if you use a windows system, must be left in the same folder and
renamed ftpmd5back.exe: ftpmd5back.conf
If all goes well you can run ftpmd5back without parameters.
Tip
If the security of the information stored in this file is critical,
remember to set the permissions in such way only root user (or
Administrator for Windows OS) can read and edit it.
How to enable encryption
Before reading this Quickstart would be good to have understood the
previous 2 quickstarts.
Once you have a ftpmd5back.conf file with the ftp-user-password stored
inside, you can decide to encrypt this password.
To execute this procedure you need to be root (or Administrator on OS
windows). On linux you can use the 'su' or 'sudo' command. On windows
you need a shell opened as Administrator.
then we type
ftpmd5back.exe -util setsec
and on the shell, you can see:
ftpmd5back - Release 0.2.4 beta
YOU'RE GOING TO SET A NEW PASS-PHRASE
This pass-phrase will be used to encrypt the
ftp-user-password and will be stored in your home in:
/etc/ftpmd5back/ftpmd5back.sec.
REMEMBER to set file permissions in order to be
the only one that can read/write this file.
Enter pass phrase:
now you can enter (twice) your pass-phrase wich will be used to encrypt
the ftp-user-password.
Done.
Pass phrase has been encrypted in following string:
IbNHJdhOIlHNF9C+A9sXAB+5qAiOCkz0d/q7+j6GIDB/TiL+JfIEhKU/xkACwIBa
and has been saved in:
/etc/ftpmd5back/ftpmd5back.sec
DO YOU WANT TO STORE FTP USER PASSWORD?
In order to run ftpmd5back without user input, you
need to store ftp-user-password in configuration
file located in:/etc/ftpmd5back/ftpmd5back.conf
Before storing, this ftp password will be encrypted
with the user-pass-phrase.
Type 'Y' to store, 'N' to avoid storing [Y, n]:
answer yes (just press ENTER) to the question if you want to save your
password in the ftp file
Type ftp password for user user01@ftp.remotehost.org:
and provide the ftp password.
Done. Ftp password has been encrypted and stored in:
/etc/ftpmd5back/ftpmd5back.conf
To test ftp connection run:
ftpmd5back -util testftp
if you look into ftpmd5back.conf you'll se an encrypted password.
How to disable encryption
Before reading this Quickstart would be good to have understood the
previous howto.
To remove encryption you can type
ftpmd5back.exe -util nosec
and on the shell, you can see:
ftpmd5back - Release 0.2.4 beta
Configuration file: /etc/ftpmd5back/ftpmd5back.conf
YOU ARE REMOVING THE ENCRYPTION ON FTP PASSWORD
The ftp user password will be removed from
configuration file or, in case of storing, written
as plain text.
The file which contains the user-pass-phrase will
be removed.
Enter 'Y' to confirm or 'N' to abort [Y, n]:
To remove encryption, press ENTER.
Appendix A. Changelog
* 0.2.4
fix remote list
fix FileToUpdateStatistics
command line parameter 'e': encrypted ftp password
improve enkaos/dekaos
command line utility: ENCRYPTPASS
* 0.2.3
fix VerboseLevel code; fix statistics
* 0.2.2
added statistics for second attempt
* 0.2.1
added second attempt on upload failed
* 0.2.0
implementation of security: (1) ftpmd5back-pass-phrase to encrypt
user-pass-phrase (2) user-pass-phrase to encrypt ftp-password
* 0.1.7
code stabilization, out of beta phase
* 0.1.6
removed older code bugfix: local folder now is not required
* 0.1.5
added statistics
* 0.1.0
first commit
Download Latest Version
ftpmd5back_024beta_linux_arm.tgz (201.1 kB)
