SFTP Administration?

Steve Holmes steve at holmesgrown.com
Mon Apr 1 12:56:23 EST 2002


That's right, We intend this to be a private FTP site with private users.
We just don't want them to be able to peek into other directories in which
they don't belong.  If a different solution is more appropriate, I'm all
ears.  I recall you did some research a while back for ACB and secured
FTP? Maybe we're barking up the wrong tree to secure the FTP sessions.  If
SFTP is indeed the way to go, then I'm curious to know of good compatible
sftp clients for both linux and windows.  The only thing I've used so far
was sftp which doesn't provide any progress status and is rather primitive
to me.  That's basically it.

On Mon, 1 Apr 2002, Janina Sajka wrote:

> Hmmm, you're right. An sftp client request opens over ssh and launches
> sftp-server.
>
> So, now I've forgotten your earlier question. You wouldn't use this for
> anonymous logins, right? So, why restrict bonafide users on your system to
> uploads in certain directories?
>  On Mon, 1 Apr 2002, Steve Holmes wrote:
>
> > I realize that, but when one uses SFTP for secured FTP sessions, they come
> > into ssh and as far as I can tell, no ftp servers are involved.  Is this
> > the correct observation? If so, then my questions from my previous
> > questions still apply.  I'm still wondering which windows ftp clients work
> > with sftp.  FTP Voyager seems to support SSL incrypted ftp but seemingly
> > only with Serve-U server.  I see no mention of sftp (part of ssh) for this
> > client.  I also would like to see progress messages when I do sftp like
> > you get with ncftp but the standard sftp client doesn't seem to offer
> > this.  I haven't had a chance to look at lftp to see if it is any better.
> >
> > I hope this is clearer now:).
> >
> > On Mon, 1 Apr 2002, Janina Sajka wrote:
> >
> > > Steve:
> > >
> > > sftp is a client, not a server. If you want to tighten ftp against known
> > > security issues, read the documentation provided with the ftp servers.
> > > There's no need to reinvent the wheel.
> > >  On Sun, 31 Mar 2002, Steve Holmes
> > > wrote:
> > >
> > > > I know, this doesn't have to do with speakup but I have a question for
> > > > anyone who might have had some experience with Secured FTP (SFTP).  So
> > > > far, I realize that SFTP is a subset of ssh so I don't think any of
> > > > the conventional FTP servers like proftp have any chips in the deal.
> > > > I'm setting such a thing up on a private machine for my friend and
> > > > haven't been able to find much on controling access and rights.  What
> > > > I've done so far is to add users on this machine like any other shell
> > > > accounts but force their default directory to be /home/ftp instead of
> > > > /home/user-id.  I then put some symbolic links in this ftp directory
> > > > to point to the various download areas.  So far, the permissions look
> > > > good but I'd like to tighten things up a bit; I would like to "lock"
> > > > the users into the /home/ftp directory and subdirs.  Another rinkle
> > > > here is the sym links.  Once you cd to a symlinked directory, doing a
> > > > cd .. takes up from that point, and not back to where you were
> > > > before.  One big disadvantage to symbolic links, I guess.
> > > >
> > > > Another question, are there any sftp clients out there for linux that
> > > > might be a bit better than the strait sftp command? I wish ncftp could
> > > > do it, but it doesn't look like it can.  Also many of the future users
> > > > of this machine are from winblows; what are some good sftp clients for
> > > > winblows?  Personally, I like FTP Voyager but 9.0 has SSL support but
> > > > does not appear to do sftp specifically.  I think it may be locked
> > > > into connectivity with their own server, Serv-u.
> > > >
> > > > Any ideas on this stuff?
> > > >
> > > > _______________________________________________
> > > > Speakup mailing list
> > > > Speakup at braille.uwo.ca
> > > > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> > > >
> > >
> > >
> >
> >
> > _______________________________________________
> > Speakup mailing list
> > Speakup at braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> >
>
>





More information about the Speakup mailing list