
Setting up FTP/SFTP services in Lion?

Hey guys,


Looking for a nudge in the right direction here.


So I understand that setting up FTP for OS X Lion Server is a little different than it was previously. I found some resources online that showed me how to set up the FTPd so that I could indeed FTP into my server at home under Lion Server and that works fine.


A question I have though is how I can create a new FTP user? Does it just use whatever is set up in the System Preferences > Users section?


Secondly, I hear that SFTP is the new FTP protocol to use in Lion and I'd like to set that up. Problem is I am not sure how to set it up. I read I needed to turn on Remote Login in System Preferences > Sharing, which I did. But I don't seem to be able to connect to my server using SFTP using Transmit (my FTP client). Is there something basic I might be missing?


Thank you

William

Mac mini, Mac OS X (10.7)

Posted on Aug 1, 2011 11:25 AM


Aug 16, 2011 2:34 PM in response to willarizona

William,


I had the same problem, sort of...


I wanted to use my Brother MFC to scan using the FTP to PDF function but looked all over the system preferences


Yes even

system preferences --> sharing --> remote login

this is great for ssh


I was only doing FTP so found this online and it works


Terminal --> su

to start

launchctl load -w /System/Library/LaunchDaemons/ftp.plist

to stop

launchctl unload -w /System/Library/LaunchDaemons/ftp.plist


it still used the user as the FTP user (already the main user that I am logged in as)


hope that helps you

Sep 5, 2011 11:50 AM in response to willarizona

Yes even tried but did not work - this is great for SSH access

system preferences --> sharing --> remote login


Yes even tried SFTP but did not work since no SFTP on Brother

system preferences --> sharing --> file sharing --> options

checked the file sharing box

click on options

checked share files and folders using AFP


did not see any SFTP settings





this is the only thing that worked for me


sorry, left out a command because I tried to follow my steps and it failed



updated walk through steps

open terminal window


go --> Utilities --> Terminal

at the command line and sudo admin password it will work


note that the -s will make the next inputs work (SORRY LEFT OUT THE -S)


type to start:

sudo -s launchctl load -w /System/Library/LaunchDaemons/ftp.plist


type to stop:

sudo -s launchctl unload -w /System/Library/LaunchDaemons/ftp.plist

Sep 5, 2011 3:09 PM in response to willarizona

Not sure about your particular client. Here's what I did.


First, on the server box I enabled Remote login in the sharing preferences. Then, from the client machine I open a terminal window and enter


sftp 192.168.1.45


(this is the address of my server box on my network.)


I'm then prompted for a password and I enter it. I presume it's logging me in as the user I'm logged onto the client machine. That will work as I have the same user id on both machines.


Otherwise, I could have used


sftp userid@192.168.1.45


where userid was some other user.


On first login, you will get a message complaining that the client is unable to verify the identity of the host and do you still want to connect (yes/no). That's because my host doesn't have a valid ssl certificate. If you answer yes, it will add the signature of that machine to the key store as "ok" and you won't be hassled from that point on. Now it's possible that your SFTP client is rejecting the connection because of this unsigned certificate. You should be able to alter the preferences for the app to allow that. However, once you've connected using the command line SFTP function and thereby added the target machine's fingerprint to your keystore, even your client app should no longer complain as you have effectively "authorized" the fingerprint.


So take out the variable of your client software and just do your first connection, connection testing using the built in SFTP command line function to connect. If you can do that, then the basic transport is configured.


I just used Dreamweaver using SFTP to connect to my remote server box and it worked.


Note: on a hunch I just tried this in the reverse direction. It DID NOT work. I got the message "received message too long" that others have reported.


Now, AFAIK, the only difference is that in this case, the target machine does NOT have the Lion Server component installed. I've got three machines to play with, a MacBook Pro and two Mac Minis. The Minis both have Lion and Lion Server on them. The MBP does not. I can SFTP into the Minis by just enabling remote login. This does NOT appear to be true for the MBP which is ONLY RUNNING LION. Perhaps SFTP isn't fully installed unless you are running the SERVER component. I suppose that makes sense. Are you running just LION or also LION Server?


iGeoCacher

www.ayefon.com

Sep 5, 2011 3:18 PM in response to willarizona

Snooping around and doing a "man ftpd" at the command line I get the man page for "tnftpd." Check it out. It looks like this is a newer FTP daemon setup that offers a bit more insulation for the OS as FTP is insecure. From the man page, I'm guessing you run it as a daemon process and you'd need to set it up to auto start if that's your cup of tea. Again, I concur with what others have said. FTP is inherently insecure and I'd recommend SFTP if at all possible. It's starting to look like the latter may only be there for LION SERVER based on my meager experience.


iGeoCacher

www.ayefon.com

Sep 5, 2011 3:47 PM in response to willarizona

Got a bit more info. Just to follow this up, I went ahead and installed Server on my MBP. I still couldn't login with my original user but when I ADDED a user through server panel, I could login into that account via SFTP. Not quite sure what all this means but I noted that during the server setup the progress steps indicated something about setting up a certificate. I suspect that it is the server install that sets up things for SFTP. So, my conclusion is that if you want to use SFTP "out of the box" you need to install LION Server. Now Lion is fundamentally UNIX and I'm sure that you could get some sort of SFTP/FTP working without LION Server but frankly, given the nominal cost ($49) and the fact that you can then put it on ALL of your servers due to the App Store licensing terms, I'd just go with LION Server.


Being an old Fedora/Red Hat man with a lot of installs under my belt, I've tried to roll my own on a number of occasions and inevitably I conclude that Apple makes it easier if you'll just stick with their approach. Every time I've wandered off into the weeds I've always come back. Now that the cost is so low for these components, it just isn't worth the time to NOT use them.


-dB

Sep 5, 2011 4:12 PM in response to iphoneczar

Well, I've come full circle. Just logged into my daughter's machine. It's a Mac Mini. Running just LION. No Server. I can SFTP into her account from mine using MBP. So I guess SERVER is NOT required. I'm guessing the message too long thing referenced in the link above may be more at fault. I get that for one of my user accounts but the others work fine. My suggestion would be to try creating more than one account on the machine and see if you can SFTP into the second account. It might be that something in the environment of the principal account (or a permission or something) is gumming up the works per the link above. It's a puzzler. But it DOES appear that you can SFTP into ordinary LION by just enabling remote login in the sharing. It doesn't take the server version. Good to know so this has been a worthwhile investigation. Be sure and post anything else you find. Inquiring minds want to know. I'm out of experiments.


iGeoCacher

www.ayefon.com

Sep 5, 2011 4:22 PM in response to iphoneczar

One final experiment. I was puzzled as to why my main user wouldn't allow SFTP login but another user would. Per the link above, I checked my .bashrc file and found that I had some leftover stuff in it from migrating. It tried to set some mySQL params and I no longer even have MySQL on this MBP. This no doubt causes some output. I deleted the lines from my .bashrc file in the home directory of that user and now I can login via SFTP.


So it appears that the extra text being sent back on login is problematic for SFTP clients per the discussion at:


http://hintsforums.macworld.com/archive/index.php/t-20831.html


Check out your .bashrc. You might have some leftovers in there like me. If you need them, I'd suggest setting up a separate account for SFTP.


iGeoCacher

www.ayefon.com
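
An added example, not part of any post in this thread: the "received message too long" failure comes from the SFTP client decoding the first four bytes of whatever the login shell prints as a packet length. The sketch below measures what an rc file emits in a non-interactive shell and shows the usual guard; the rc file contents, the echoed text and the `/usr/local/mysql/bin` path are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): find startup-file output that breaks SFTP.

# Count the bytes an rc file writes to stdout when sourced by a NON-interactive
# bash, approximating what the SFTP client receives before the protocol starts.
rc_noise_bytes() {
    bash --norc --noprofile -c 'source "$1"' _ "$1" </dev/null 2>/dev/null |
        wc -c | tr -d ' '
}

# An SFTP client reads the first 4 bytes of the stream as a big-endian packet
# length. Return the length that stray text would be decoded as.
as_sftp_length() {
    set -- $(printf '%s' "$1" | head -c 4 | od -An -tu1)
    echo $(( $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 ))
}

demo_dir=$(mktemp -d)

# Constructed sample: an rc file that prints on every shell start.
cat > "$demo_dir/noisy.bashrc" <<'EOF'
export PATH="$PATH:/usr/local/mysql/bin"
echo "MySQL path set"
EOF

# Same file with a guard: environment first, then leave early unless the
# shell is interactive, so nothing is printed into an SFTP session.
cat > "$demo_dir/guarded.bashrc" <<'EOF'
export PATH="$PATH:/usr/local/mysql/bin"
case $- in *i*) ;; *) return ;; esac
echo "MySQL path set"
EOF

echo "noisy rc:   $(rc_noise_bytes "$demo_dir/noisy.bashrc") bytes before SFTP starts"
echo "guarded rc: $(rc_noise_bytes "$demo_dir/guarded.bashrc") bytes before SFTP starts"
echo "'MySQ' read as packet length: $(as_sftp_length 'MySQL path set')"
```

Against a real host, `ssh userid@192.168.1.45 /usr/bin/true` should print nothing; any text it returns is what the SFTP client will misread.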
