NAME

SYNOPSIS

bbftpd -v

bbftpd -s [ -f ][ -l LogLevel ][ -m MaxStreamNumber ][ -w PortNumber ]

bbftpd -b [ -f ][ -l LogLevel ][ -m MaxStreamNumber ][ -w PortNumber ]

bbftpd [ -f ][ -l LogLevel ][ -m MaxStreamNumber ]

DESCRIPTION

As one of the major problems of the FTP protocol was the unencrypted transmission of the username and password, BBFTP uses two methods for authentication. The first one is to generate at each new connection an RSA key pair, to send the public key to the client who will encrypt the username and password using this public key, and then to decrypt them with the private key. As these keys are 1024 bits long and generated at each new connection, it will be quite difficult to steal a password. The second connection method is based on ssh; instead of making a connection to a running daemon, the client will remotly start the daemon with ssh (with a command like ssh -l user remotehost "bbftpd -s").

BBFTP protocol works in the following way :

-

After the authentication procedure has ended there is what is called a control connection between the client and the server. On that connection all control commands will circulate.

-

When a data transfer occurs (get or put command sent by the client) the client will get all TCP ports needed by the transfer (one per stream) and send those port numbers to the server on the control connection. The server will then connect to those ports (using a defined port number if the -f is not used) and use them to transfer data.

bbftp(1)).

The server can be used in different ways :

Through inetd (and tcpwrapper if needed). In this case the line in the inetd.conf file will look like :

bbftp stream tcp nowait root /usr/local/bin/bbftpd bbftpd [-f] [-l LogLevel] [-m MaxStreamNumber]

As a standalone server. In this case the starting procedure has to contain the following line:

bbftpd -b [-f] [-l LogLevel] [-m MaxStreamNumber] [-w PortNumber]

Started via ssh. In this case the remote command started by the client will look like:

bbftpd -s [-f] [-l LogLevel] [-m MaxStreamNumber] [-w PortNumber]

OPTIONS

-b

Use this option to start bbftpd in background. In this case the server will bind and listen on a control port which can be changed with the -w option.

-f

The standard behaviour of the server is to bind the server-side port number on data connection to controlport minus one. This is useful if the server is behind a firewall. If you want the server to take the first free port number use this option.

-l LogLevel

Us this option to change the log level. By default the server will log nothing. Loglevel is a string (uppercase or lowercase) whose values are :

EMERGENCY
ALERT
CRITICAL
ERROR
WARNING
NOTICE
INFORMATION
DEBUG

WARNING : This option has to be the last one when used in conjunction with option -s for backward compatibility.

-m MaxStreamNumber

For each stream the server forks a child. If you want to limit or increase the number of streams use this option.

-s

Use this option when the server is started remotely via an ssh connection.

-v

Use this option to write the version of the software and default values to standard output.

-w PortNumber

Use this option to change the control port number.

SEE ALSO

AUTHOR

bbftp was developed by Gilles Farrache (farrache@cc.in2p3.fr) from the IN2P3 Computing Center , Villeurbanne (FRANCE). All the ssh-related stuff is based on ideas and software written by Tim Adye (T.J.Adye@RL.AC.UK) from Rutherford Appleton Laboratory , UK.

This software uses the cryptolib 0.9.5 of the OpenSSL project and zlib 1.1.3 written by Jean-Loup Gally and Mark Adler.
 

Index

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

SEE ALSO

AUTHOR