#1
  1. Contributing User
    Devshed Newbie (0 - 499 posts)


    iptables question


    I'm fairly new to knowledgeable editing of iptables...

    I'd like to allow SFTP while blocking FTP.

    I'm aware that FTP uses two ports, but that one of those ports is also required for SFTP.

    Yes, I can probably hack something out, but I'd prefer some expert input...

    Can someone help me out by pointing me in the right direction?
  2. #2
  3. Maddening Moderator
    Devshed Supreme Being (6500+ posts)

    If you want SFTP and not FTP then make sure your FTP server software supports SFTP and does not support FTP. It's that simple.

    So it's not really an iptables thing. Yeah, you could use a firewall to manage which ports are accessible, but if there is no service waiting on the FTP port then nothing can connect there anyways.
  4. #3
  5. Contributing User
    Devshed Newbie (0 - 499 posts)

    The default port of SFTP is 22 and it's over FTP SSH; you don't need an FTP server to be running nor port 21. Only port 22.

    If you are referring to FTPS that's another thing.

    Based on what you posted though, SFTP and FTP are not related, nor do they share the same ports, so you should have no problem disabling port 21.

    Comments on this post

    • kicken agrees
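
Added example, not written by anyone in the thread: a check of the two points made above, that nothing should be listening on the FTP control port (21) while the SSH daemon that carries SFTP still listens on 22. It assumes default ports and input in the format of `ss -Htln`; the sample lines are constructed, and the function names and the commented iptables rules (INPUT chain) are illustrative.

```shell
#!/bin/sh
# Reads `ss -Htln` style lines: State Recv-Q Send-Q Local:Port Peer:Port

# listening_on PORT: succeeds if a LISTEN line on stdin has local port PORT.
listening_on() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            # The last ":"-separated piece is the port; this handles
            # 0.0.0.0:22, [::]:22 and *:21 alike.
            n = split($4, parts, ":")
            if (parts[n] == port) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# audit: read listener lines on stdin, print one verdict line.
audit() {
    data=$(cat)
    ftp=no
    sftp=no
    printf '%s\n' "$data" | listening_on 21 && ftp=yes
    printf '%s\n' "$data" | listening_on 22 && sftp=yes
    echo "ftp_listener=$ftp sftp_listener=$sftp"
}

# Constructed sample: an FTP daemon still running next to sshd.
SAMPLE_BOTH='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 32 *:21 *:*
LISTEN 0 128 [::]:22 [::]:*'

# Constructed sample: sshd only; port 2121 must not be mistaken for 21.
SAMPLE_SSH_ONLY='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 127.0.0.1:2121 0.0.0.0:*'

printf '%s\n' "$SAMPLE_BOTH" | audit
printf '%s\n' "$SAMPLE_SSH_ONLY" | audit

# On a live host: ss -Htln | audit
#
# Firewall rules as a second layer (run as root; assumes default ports):
#   iptables -A INPUT -p tcp --dport 22 -j ACCEPT
#   iptables -A INPUT -p tcp --dport 21 -j REJECT --reject-with tcp-reset
```

If `ftp_listener=yes` appears, stop or reconfigure the FTP service first; the firewall rule then only backs up that change.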
