How to use anonymous ftp to distribute or collect files
Last revision March 23, 2018
| On this page: |
People in the Stanford School of Earth, Energy & Environmental Sciences who have an account on the School's network file server, sesfs.stanford.edu, can exchange files with outside colleagues using the School's "anonymous ftp" service.
This service is provided by two cooperating servers: sesfs.stanford.edu stores the files on disk, and pangea.stanford.edu provides the ftp connections to the outside world. You need an account on sesfs to put files on the disk or retrieve the ones uploaded from outside. Pangea automatically serves files in special folders on sesfs to the outside via anonymous ftp.
Anonymous ftp is desgned for sharing files with colleagues who are not in Stanford Earth. Use direct connections to the file server, sesfs.stanford.edu, to share files with others in Stanford Earth or to move files between multiple computers of your own. The large file share scr1 is best suited for temporary intra-School file sharing. Needs for permanent intra-School sharing are best met by requesting a group file share.
The anonymous ftp service is the primary method for exchanging large files with outside colleagues. You can also use the school web server to distribute small to medium sized files, or send small files as email attachments. But the web server cannot accept "uploaded" files from outsiders; that is only possible with anonymous ftp.
WARNING: Do not use anonymous ftp to distribute any private or Moderate or High Risk data or files! Anyone on the Internet (including hackers) can connect to anonymous ftp on pangea and copy the files you have placed there. If you have no other way to distribute sensitive data, encrypt it first and send the decryption key to your colleague by another method.
Distributing files to a colleague
The anonymous ftp service can be used for either temporary or permanent distribution of files to outside colleagues. An example of temporary distribution is sharing a large map file with a colleague who will copy it to his/her computer; once he/she gets it, it doesn't need to stay on our servers. An example of permanent distribution is providing an archive of data files that are referenced in a published paper. They need to be available for a long time, possibly years.
Procedure for temporary distribution
The sesfs account holder copies file(s) into the folder pub/share of the ftp file share on the sesfs.stanford.edu file server. You cannot do this via an anonymous ftp login! You must use an authenticated login that proves that you are a valid sesfs account holder.
Connect to sesfs using your SUNet ID name and password. Mount the ftp file share. Then change folder to pub/share on the mounted share. Copy the file from your computer to this folder. This folder is shared by all sesfs users, so make your filename unique! If you have many files to distribute, you can make a new subfolder and put all your files in there, or bundle them up into an archive, such as a ZIP file.
The pub/share folder is for temporary distribution. Files placed there will be automatically erased after seven days. Don't load your files until your colleague is ready to download them. No one person can load more than 20 GB of files at a time onto the ftp file share.
How does your colleague pickup these files that you have loaded onto the ftp file share on sesfs? Send the URL of this web page, and tell your colleague to follow the instructions below! Don't forget to tell him/her the name of the file(s) you have loaded!
As the name suggests, "anonymous ftp" means that your colleague does not need to have an account on pangea. Your colleague simply opens a connection to pangea.stanford.edu with an ftp client program; when it prompts for a login name on pangea, he/she just types the word "anonymous". In principle, any password can be used with this special account. On pangea, we enforce the tradition that you provide an email address as the password. Random passwords that don't look like email addresses will not be accepted.
Windows, Mac OS X, Unix, and Linux all have a built-in command-line ftp client program that can be used to make anonymous ftp connections. Other programs such as the Stanford site-licensed Secure FX and Fetch programs can be used to make an anonymous ftp connection with a graphical interface - just configure them to use "plain ftp" for this connection (rather than sftp). Many other graphical interface ftp programs are also available for Windows and Mac OS X.
Only the contents of the ftp file share can be seen from an anonymous ftp connection to pangea. No other shares on sesfs or other parts of the pangea file system will be accessible. This is an obvious security feature to prevent anonymous users (which can include hackers) from accessing sensitive files.
When your colleague connects to pangea.stanford.edu via anonymous ftp, he/she will be placed into the pub directory of the ftp share automatically as the current directory. Your colleague simply opens the share folder and copies the desired files from there to his/her computer.
Most web browsers can also be used to fetch files from the anonymous ftp service on pangea. Your colleague should use the URL:
ftp://pangea.stanford.edu/
Note that your colleague must specify "ftp://" as the URL prefix (resource type), not "http://". The anonymous ftp service is not a web site. Rather, the browser knows how to make anonymous ftp connections when given a URL that starts with "ftp://".
This URL will present the list of files in the folder as links. To download, right-click (Windows) or CONTROL-click (Mac) on a link. This will bring up a contextual menu which includes a "download to disk" or "save link as" option (wording may vary among browsers).
The ftp service on pangea transfers all files in "binary" mode. That is, all files are transferred exactly as is, bit for bit, with no conversions for different end-of-line conventions between operating systems.
Procedure for permanent distribution
If you need to distribute files that must be available to be downloaded for a long period of time (longer than one week), request a personal subfolder for your own use in the pub folder on the ftp file share on sesfs.stanford.edu. Email your request to the sesfs system manager; describe the intended academic purpose.
The system manager will make a subfolder for you in the pub folder, named the same as your SUNet ID name. For example, if your SUNet ID is "joe", the manager will create the subfolder pub/joe. Only your SUNet ID will have write privileges to put files into this folder after mounting the file share from sesfs. But of course, anyone can copy those files via anonymous ftp connection to pangea.
A single personal anonymous ftp subfolder can also be made for a research group. The group name will be used as the subfolder name, and the SUNet IDs of all group members will have write privileges.
The procedures you use to load files and your outside colleague uses to get them are the same as for temporary distribution - just substitute the name of your personal subfolder for the folder name share in the instructions above.
Permanent distribution doesn't necessarily mean forever! Periodically review the files you have placed in your personal anonymous ftp subfolder to see if you still need to distribute them. If not, delete them to make more room on the disk for others. The maximum disk quota on the ftp file share for any person is 20 GB. Also, when you leave Stanford and your SUNet ID is deactivated, the files in your personal anonymous ftp folder will be erased. Files you placed in a group folder will be retained.
Receiving files from a colleague
If you need to receive files from a colleague, first inquire if his/her site has a similar anonymous ftp facility. If so, ask your colleague to place the files there for you to copy via anonymous ftp directly to your own computer. That is the quickest and simplest solution with the fewest security problems.
Alternatively, pangea's anonymous ftp server will accept incoming files from outside colleagues under strictly controlled circumstances described here. Accepting files from anonymous users is a security risk, as hackers will try to take advantage of such a service to host their illicit programs.
Anonymous ftp connections to pangea.stanford.edu can copy files into the special dropoff folder. This folder functions as a "black hole". It accepts files, but once you have loaded them, you cannot see them or copy them back. Within fifteen minutes, files placed in the anonymous ftp dropoff folder are moved to the dropoff folder of the scr1 file share on sesfs, which is not accessible to anonymous ftp logins. Stanford Earth account holders can connect to sesfs, and mount the scr1 file share to retrieve the files.
To start, tell your colleague to make an anonymous ftp connection to pangea.stanford.edu using a command-line or graphical interface ftp program. A web browser will not work because it cannot load files onto the server.
Your colleague then changes the pangea folder to dropoff. Some ftp programs will give an error message when you change to this folder because of the special "black hole" access permission on it, but they should still work. Your colleague can put individual files into this folder. He/she cannot make subfolders. If your colleague needs to send you many files, it is probably easier to first combine them into an archive, such as a ZIP file.
Your colleague can never list the contents of this folder from his/her anonymous ftp connection. He/she has to keep track of the uploaded files. Because all anonymous ftp users will place files into this one folder, remind your colleague to use a unique name - preferably one that includes a reference to you, the recipient, for example, datafiles-for-farrell.zip.
The dropoff folder can store no more than 20 GB total. As files are automatically moved from there to the scr1 file share at 15 minute intervals, it should normally be able to accept a file up to 10 GB in size. If a file "upload" fails because the disk is full, your colleague should wait at least fifteen minutes before trying again so the system can move out the incomplete copy and the other people's files that are taking up space.
How do you "pickup" the files that your colleagues have "dropped off" for you via anonymous ftp?
Connect to sesfs using your SUNet ID name and password. Mount the scr1 file share. After connecting, go to the dropoff folder. The system moves files from the anonymous ftp dropoff folder to here. It only moves ordinary files (or archives) and will not move any subfolders - those are deleted (normal anonymous ftp users won't be able to make those, but hackers might). All valid sesfs account holders can view and copy any file from the dropoff folder of the scr1 file share. They cannot put files there or delete them.
The anonymous ftp dropoff files that you find in the dropoff folder of the scr1 file share will be automatically erased after seven days. Don't delay getting them after your colleague notifies you that they have been loaded to the dropoff folder.
If your colleague uses the same name for his/her file as someone else, or loads two copies with the same name into the anonymous ftp dropoff folder (perhaps because the first load failed partway through), then the system will modify the filename when it moves it to the dropoff pickup folder on the scr1 file share in order to prevent a "collision" with an existing file of the same name. It will add a hyphen and an integer number to the end of the filename. Avoid confusion and tell your colleagues to use a unique name!