Changing FTP settings will directly impact the levels of access to the file system on your cluster. Please consider your system environment and workflow processes before enabling this feature.
IN THIS ARTICLE
Outlines how to configure FTP in Qumulo Core using qq CLI or the Web UI
- Cluster running Qumulo Core version 2.7.4 or above
- Command-Line tools installed
NOTE: FTP configuration via the UI is available in Qumulo Core version 2.7.5 and above.
FTP is now available with version 2.7.4 of Qumulo Core. Once enabled, all users will have FTP access to the entire file system of your cluster. This feature is disabled by default and can be configured using the the command-line tools or the Web UI.
Configure FTP using qq CLI
- To enable FTP, use the following command:
qq ftp_modify_settings --enabled true
- Disable FTP by running the following:
qq ftp_modify_settings --enabled false
- With FTP, you can allow FXP (server-to-server transfer) using the command below.
- Keep in mind that using FXP can make your server vulnerable to an FTP bounce. Review the article on File eXchange Protocol for additional details on risks and benefits.
qq ftp_modify_settings --check-remote-host false
Configure FTP in the Web UI
- Login to the Web UI
- Hover over the Sharing Menu
- Click FTP under Protocols
- Toggle the Enabled button to ON
NOTE: To disable FTP in the UI, toggle the Enabled button to OFF.
Once FTP is configured, you can check server status and settings by utilizing the following command:
Anonymous Users for FTP with Qumulo Core 2.8.5 or above
An anonymous user can be enabled and mapped to a local user with version 2.8.5 or above of Qumulo Core. Use the guest account or input the name of the local user in place of guest as outlined with the command below.
qq ftp_modify_settings --anonymous-user-as-local-user guest
To disable the anonymous user and return to default behavior, run the following command:
qq ftp_modify_settings --anonymous-user-none
Active Directory Users for FTP with Qumulo Core 2.8.6 or above
An Active Directory user can connect to the cluster running version 2.8.6 or above of Qumulo Core. For example, a user would log in using the DOMAIN\\username syntax as outlined below.
computer:~$ ftp cluster.company.com
Connected to cluster.company.com
| _ | | |
| | | |_ _ _ __ ___ _ _| | ___
| | | | | | | '_ ` _ \| | | | |/ _ \
\ \/' | |_| | | | | | | |_| | | (_) |
\_/\_\\__,_|_| |_| |_|\__,_|_|\___/
| ___|_ _| ___ \
| |_ | | | |_/ /
| _| | | | __/
| | | | | |
\_| \_/ \_|
220 Qumulo FTP server ready.
Name (cluster:computer): DOMAIN\\username
331 Password required.
230 Login succeeded
Remote system type is UNIX.
Using binary mode to transfer files.
Set the User's Home Directory with Qumulo Core 2.8.6 or above
Qumulo supports setting the home directory for local users. Once this setting is enabled, the user will start in their home directory instead of in the root of the cluster.
To set the home directory, see the example command below:
qq auth_mod_user --id localusername --home-directory /home/localusername
Note that the user will require traverse rights from the root of the cluster to successfully land in their home directory as outlined above. If the user does not have traverse rights, they will abide by the default behavior and land in the root of the cluster.
Chroot Users with Qumulo Core 2.8.6 or above
Admins can optionally change the root directory for users to their home directories when they connect via FTP by using the following command in version 2.8.6 or above of Qumulo Core:
qq ftp_modify_settings --chroot-users true
To disable and return to default behavior, run the following command:
qq ftp_modify_settings --chroot-users false
As specified above, we currently only support setting the home directory for local users. This local user will require traverse rights from the root of the cluster to their home directory to successfully connect.
You should now be able to successfully configure and utilize FTP in Qumulo Core
Like what you see? Share this article with your network!