On 10/1/22 9:52 AM, Billy Ashton wrote:
Hi everyone! You have been so helpful in the past to help me with getting my file transfers working with sftp, and now, we have a manager who wants to explore using https in batch like we do online in our browsers. He thinks we can secure our ports better if we are not using as many. We would be using it to move files back and forth with a couple of our major business partners.
I'm going to assume that you need to both send and receive files via HTTPS. -- This is germane because pushing and pulling files tends to be easier to do than hosting something that will receive files that others push or pull. The former can be done with Unix commands. The latter tends to require web applications (of a given value).
Another option might be to use an HTTPS server as a proxy server such that you adapt your SFTP et al. process to leverage the HTTP(S) "CONNECT" command. Researching "ssh through http proxy" (or some permutation thereon) should give you lots of pointers.
Personally, I feel like judicious use of a firewall would take care of concerns. I'm assuming that both you and your business partners are on static IPs. Or at least in well scoped networks if IPs do change.
There are also some options on Linux, namely sslh, that allow re-using the same port for multiple protocols.
I strongly suspect that there are other ports that are lower value / used by fewer things than SSH / SFTP.
-- Grant. . . . unix || die ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
