Secure FTP (sftp)
Bill Asher
bill.asher at enaws.com
Tue Oct 23 15:55:12 UTC 2007
My ultimate goal would be to provide each remote user a auth key,
username, pwd, clear text is not an option (when is it ever, hehe :).
Then each user can only get to their home folder and that is it. Also,
the sftp server will be behind a firewall with policies in place to
allow only those remote users IPs to pass thru.
I need the information they upload to be encrypted and them jailed to
home.
The options I'm looking at now are scponly and rssh, would you all
agree?
Thank you!
Bill
-----Original Message-----
From: ubuntu-server-bounces at lists.ubuntu.com
[mailto:ubuntu-server-bounces at lists.ubuntu.com] On Behalf Of Michael R.
Head
Sent: Monday, October 22, 2007 10:34 PM
To: ubuntu-server at lists.ubuntu.com
Subject: Re: Secure FTP (sftp)
On Mon, 2007-10-22 at 16:46 -0500, Bill Asher wrote:
> Anyone have a good HOWTO link for setting up a chrooted sftp server.
> I need to do this for some outside vendors to dump files to our
> office. But I really don't want to setup a full blown ftp server like
> vsftpd or proftpd as all the functionality of these are not needed.
> I'd like to use SSH but I need it chrooted, maybe authentication keys
> too?
Keep in mind, chroot isn't a security tool, it's a debugging/development
tool.
http://www.bpfh.net/simes/computing/chroot-break.html
http://en.wikipedia.org/wiki/Chroot
http://kerneltrap.org/Linux/Abusing_chroot
>
> Thought I'd ask the list at this point, I've googled and there seems
> to be a lot of opinions, just looking for a proven one.
>
>
>
> Thanks,
>
> Bill
>
>
> --
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> More info: https://wiki.ubuntu.com/ServerTeam
--
Michael R. Head <burner at suppressingfire.org>
http://picasaweb.google.com/demiri.head.wedding
More information about the ubuntu-server
mailing list