Configuring and Starting the FTP Service

To configure and start the FTP service, you must first create an FTP system key for the FTP service.

Note: If you do not define the FTPS port and will not support Explicit SSL, you do not need to create an FTPS system key.

Creating an FTP System Key

To create an FTP system key, complete the following steps.

Procedure

Go to Management > Protocol Keys > System Keys > Create System Key.

Enter the required information described in the table below:

Field	Instruction
System Key Type	Set to FTP system key.
Description	Set to a unique value for system keys.
Password	Set to a secure password.
Expiration Date	Set this based on your installations security requirements.
Key Size	Set to 2048 bits or higher.
Signing Algorithm	Set to SHA-256 or SHA-512.
Set as Default Key	Select the checkbox if you want this key to be the default SSH key.
Common Name	Set to the common name of the server.

Note: Common Name is not validated during SSH key exchange. It is used for information purposes only.

After entering the information, click the Create Key button.

Configuring the FTP Server

To configure the FTP server, complete the following steps.

Procedure

Go to Administration > Transfer Servers > FTP Server > Configure FTP Server.
Select the Internet Server instance you want to configure.
Note:
- FTP services are configured similar to SSH services. However, due to the fact that FTP uses two TCP connections (Control and Data) to perform file transfers, there are some differences.
- If you are using FTPS, you must create an FTP system key. See Creating an FTPS system key.

Enter the required information described in the table below:

Field	Instruction
Enabled	Set to Yes.
IP Port	Used for clear text and explicit SSL.
SSL Port	Used for implicit SSL.
FTP System Key	Select the FTPS system key or set to Use Default.
Welcome Message	Set a generic welcome message. Note: Many SFTP clients do not display the 'Welcome' message.
Use External IP Address	Enter the IP address of the Internet Server machine.
External IP Address	Enter the IP address of the Internet Server machine.

Updating Global FTP Parameters

To update the global FTP parameters, complete the following steps.

Procedure

Go to Configuration > System Configuration > Global FTP Settings.

Enter the required information described in the table below:

Field	Instruction
Limit Local Port	Set to `Yes`.
Starting Port	Select a port (after discussing with the network team).
Number of Ports	Select a number of ports to use. Note: 100 is a good starting point.

After entering the information, click the Update button.

Note: On UNIX machines, only root users can start ports below 1025. For best results, use an SSH port (for example, port 2021) to run the MFT Internet Server, instead of running it as a root user. FTP clients can connect to port 2021, or they can connect to a passthrough load balancer using port 21 (the standard FTP port), and the load balancer can redirect the request to port 2021. Administrators can also configure an iptables command to route incoming data on port 21 to port 2021.

Starting the FTP Server

To start the FTP server, complete the following steps.

Procedure

Go to Administration > Transfer Servers > FTP Server > FTP Server Status.
Select the Internet Server instance where you want to start the FTP service.
Click the Status button to get the current status of the FTP server service.
Click the Stop button to stop the FTP server service.
Click the Start button to start the FTP server service.

Note: If the FTP service does not start, the catalina.out file might have some information about why the service did not start.

The following points describe a few reasons why a service will not start.

You specified a port below 1025 but are not a root user.
The FTP port defined in the Configure FTP Server page is already in use by another process.
The FTP system key is expired or is less than 2048 bits.

Did you find this helpful?

Yes No