Adam> Is anyone running a server that supports "secure FTP" (also Adam> known as "SFTP," "FTPS," or "FTP over SSL") and, if so, would Adam> you be willing to help me debug an SFTP set-up?
I've been working at my site setting it up so our customers can use sftp instead of ftp to upload/download files to our server in the DMZ. Not hard at all. The hard part came about in getting it to work like proftpd does, so that customers can only see their own files/directories. I ended up going with 'scponly' as the tool and making changes to the existing setup on how to we do FTP for our customers. Of course, there were complaints that we're changing things and that it's "too confusing" for the users. Sigh... See the May 2004 issue of SysAdmin magazine for more details. I've also got a writeup of what I did which might help, and which I think I can share if I sanitize some details. Adam> My employer has a requirement to set up SFTP for data exchange Adam> with a partner of ours, but for security reasons that partner Adam> can't be especially helpful to us in getting our side configured Adam> correctly. (I don't mean to reflect poorly on our partner; it's Adam> simply that their security policies -- which are entirely Adam> reasonable and necessary -- prohibit them from setting up a test Adam> system for debugging use.) I don't know what you mean by sftp data exchange. Do you mean people at your site will use sftp to push/pull files from their sftp-server? Or visa versa? Or does it have to happen both ways? Any why not just plain scp then? Or are you like us and trying to minimize the re-training of users? Adam> Anyway, I'd prefer to use someone's personal server, not one Adam> owned by an employer; security stuff is just too sensitive these Adam> days for me to want to risk legal problems. Sure, but it's really easy to setup. Esp if you just use a home machine for the client side testing. Adam> So, if you run such a server of your own, and would be willing Adam> to help me with this project, I'd really appreciate it. I can't Adam> offer to pay you anything, nor can my employer pay you on a Adam> consulting basis -- but I could probably buy you dinner at my Adam> employer's expense. :-) Dinner sometime would be good, but maybe out in my area of the woods? Marlboro? Cheers, John _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
