File Transfer Protocol - General Principles

Client - Server approach

The File Transfer Protocol (FTP) allows the exchange of files between computers. One may get files from or put files to a remote computer. For obvious security reasons these operations are allowed only after identification of the user. Thus an FTP session may be divided into the following operations:

1. Opening a connection to the remote computer and identification of the user
2. File exchange (get or put files)
3. Closing the connection

FTP allows the exchange of all types of files be they simple text, word processor documents, graphics, video, audio or executable files. Although it may possible to transfer a file from one machine to another, this does not ensure that the target machine will be able to use the file. For example, the file containing a program in executable form will never be compatible between processors belonging to a different family: an executable file for a Pentium cannot run on a DEC Alpha platform. Hopefully in the future more and more computers will use IEEE formats to store data, consequently easing the task of communication between computers.

FTP uses a client-server approach. The user sends requests from his computer through a ftp client program to a remote computer which receives it through a ftp server program. Thus the communication is asymmetric. Assuming one is on line to machine A and that one wants to exchange files with a remote computer B, it means that:

• Computer A must run a client ftp
• Computer B must run a server ftp (called ftpd on Unix machines).

However with the above programs running, a user on line to computer B, will not be able to exchange files with computer A since there is no client running on machine B and no server on machine A. To allow symmetric communications one needs both client and server programs running on the same machine.

Security considerations

As in general it is not possible to identify users on a microcomputer (PC or MacIntosh) it is advisable not to run a ftp server on such a machine. A client ftp is sufficient to connect the PC to a remote machine and exchange files. Since then no server is running on the PC, remote locations will not be able to connect to the PC. However, some ftp server software does allow the definition of passwords in a configuration file, making access to the PC impossible without its knowledge. Many users are not aware of this feature and thus leave a large hole in the security of their system.

Unix, VMS, OS/2, Windows NT... do not present this problem since a user is always identified.

On Unix machines the user may facilitate the access to an account by suppressing the need for a password from trusted locations and users. This is often used by persons with accounts on different machines to rapidly exchange files between the computers without the need of a full identification. However the system manager may disable this feature and it may not work at some sites.

Anonymous FTP

The need for identification prevents file exchange between computers for users not having a proper account identification and password on the remote computer. This is very frustrating: How can one retrieve a file without asking for a password? How can one send a file to a remote user without this information?

To overcome this difficulty on multiuser machines one may install a special identification called anonymous. Anybody can make a FTP connection giving anonymous as login identification. Netiquette recommends that ones e-mail address be entered as password but in many cases any string of characters will suffice. anonymous access is limited to a restricted set of files. Further it is frequent that the number of simultaneous anonymous connexions be limited and one may thus be bounced out with a message saying to try later.

Some servers not only allow to retrieve files but also permit to upload files onto the server, usually in a directory called incoming with special properties (i.e. the commands dir or ls do not work). This is very useful for exchanging information with other users. It avoids having to give a personal password to many people with its consequent increase in security risks. To exchange files, one person deposits the file in the incoming directory and the end-user fetches it out. Since everybody can fetch the file this mechanism must not be used for confidential information.

Common problems

FTP Command Lines programs are more powerful than programs using a Graphic User Interface (GUI) or WWW Interface.

Using FTP over slow links or connecting to overloaded computers can be the origin of troubles, cut-off or time-out. When this happens there is only one solution: try again at a later time. If you are connecting to the USA from Europe it is best to try in the morning, from the USA in the late afternoon, etc..

Another source of difficulty is the increasing level of security added to most servers. Among possible reasons for being unsuccessful in linking to remote computers, one may note:

• Machines not correctly declared in their domain.
  Machines normally are accessible either by their name: machine.domain.country (for instance turquoise.lmcp.jussieu.fr) or by IP number. More and more FTP servers do not accept this second method since it makes it impossible to identify the remote machine. Check that your machine is correctly declared in your local domain or ask your local system manager.
• Firewalls.
  At many institutions connexions are monitored and controlled by a firewall which may limit connections from and to the outside. Some FTP clients, especially GUI or WWW interfaces have options to declare such firewalls. Their use might be tricky and may require specialist advice.

FTP Crystallographic Sites

There exist more than 5000 anonymous ftp sites all around the world! New ones appear everyday. Engines such as archie allow to find files by giving keywords. URLs of some useful ftp servers for crystallographic material may be found at the following locations:

• Crystallography World Wide (Geneva, Switzerland)
• SInCris Server for Information in Crystallography (Paris, France)
• Infobiogen (Paris, France)