I use sftp for almost everything. There is an excellent free sftp gui client for Windows called WinSCP. If you change the checkbox from "norton commander" to "windows explorer mode" then you can drag & drop files to and from the server as if you were browsing your local file system. Very intuitive and friendly.
Basic setup could not be easier. You just install an ssh server, and un-comment the line in the config file that says "subsystem sftp" or something like that. Question is, do you need any of the difficult configuration stuff? For example, if you want sftp inside a jail so users can only see their own directory. Installing the jail might be difficult. Also, if you want sftp available, while ssh is not available, that might be difficult too. If you want usernames & home directories that are not usernames & directories on the unix/linux/windows server, that might be difficult. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of John Stoffel > Sent: Thursday, August 10, 2006 12:43 PM > To: [EMAIL PROTECTED] > Cc: Back Bay LISA > Subject: Re: [BBLISA] Anyone running a "secure FTP server? > > > Adam> Is anyone running a server that supports "secure FTP" > (also known > Adam> as "SFTP," "FTPS," or "FTP over SSL") and, if so, would you be > Adam> willing to help me debug an SFTP set-up? > > I've been working at my site setting it up so our customers > can use sftp instead of ftp to upload/download files to our > server in the DMZ. Not hard at all. > > The hard part came about in getting it to work like proftpd > does, so that customers can only see their own > files/directories. I ended up going with 'scponly' as the > tool and making changes to the existing setup on how to we do > FTP for our customers. Of course, there were complaints that > we're changing things and that it's "too confusing" > for the users. Sigh... > > See the May 2004 issue of SysAdmin magazine for more details. > I've also got a writeup of what I did which might help, and > which I think I can share if I sanitize some details. > > Adam> My employer has a requirement to set up SFTP for data exchange > Adam> with a partner of ours, but for security reasons that partner > Adam> can't be especially helpful to us in getting our side > configured > Adam> correctly. (I don't mean to reflect poorly on our partner; it's > Adam> simply that their security policies -- which are entirely > Adam> reasonable and necessary -- prohibit them from setting > up a test > Adam> system for debugging use.) > > I don't know what you mean by sftp data exchange. Do you > mean people at your site will use sftp to push/pull files > from their sftp-server? > Or visa versa? Or does it have to happen both ways? > > Any why not just plain scp then? Or are you like us and > trying to minimize the re-training of users? > > Adam> Anyway, I'd prefer to use someone's personal server, > not one owned > Adam> by an employer; security stuff is just too sensitive these days > Adam> for me to want to risk legal problems. > > Sure, but it's really easy to setup. Esp if you just use a > home machine for the client side testing. > > Adam> So, if you run such a server of your own, and would be > willing to > Adam> help me with this project, I'd really appreciate it. I > can't offer > Adam> to pay you anything, nor can my employer pay you on a > consulting > Adam> basis -- but I could probably buy you dinner at my employer's > Adam> expense. :-) > > Dinner sometime would be good, but maybe out in my area of the woods? > Marlboro? > > Cheers, > John > > _______________________________________________ > bblisa mailing list > [email protected] > http://www.bblisa.org/mailman/listinfo/bblisa > _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
