Dear geeks on here,

After doing some research, I understand that I can host my own SFTP server on my Mac. To do this is a bit of a challenge, and I have a couple of questions in advance that you may know the answers to.

1. As I understand it, SFTP is a protocol that runs inside, or over, SSH. All I've seen from SSH is that it is a nice way to terminal into another Mac. How can SFTP be done over a back and forth text connection? FTP is mostly binary, at least almost always for file transfers. Clearly, I'm still missing some basics here.

2. Is it true that SSH and SFTP both use, and only use, port 22 on the listening server? In other words, do I need to forward other ports besides 22?

3. Can I have one without the other? In other words: if I need an SFTP server to function, can I still prevent folks from logging in to do terminal-like things over ssh? I'm asking because, if you turn on remote login from within the sharing item of system preferences, then not only do you turn on SFTP, but also SCP and regular SSH. Using telnet, or in this case its secure version ssh, someone could go virtually anywhere. Using SFTP however, I can restrict which folders other users see. I'm still piecing the concept together in my mind. Is it possible to run an SFTP service while blocking regular SSH terminal sessions out?

4. Is it a good idea to choose a different listening port on my router that other users can SFTP into? Usually it is 22, but to obscure the SFTP server a bit, I could choose another listening port, correct? Are there any technical disadvantages that I should keep in mind when choosing an alternative incoming SFTP port?

5. An interesting part. To allow a user to do SFTP, and this is what I don't understand, I need to go into the user's advanced options, and then set the user shell to /bin/bash. Why should I do this at all? I want them to SFTP, I don't want them to do SSH commands. So first, what does /usr/bin/false mean, and why does it need to point to bash instead?

6. I also need to set the user's home directory. I have a lot of stuff to offer, but if I gave each user his or her own home directory, then how do they get to my files repository from there, once they are logged in?

7. There is a reserved username called ftp. What is this being used for, and what if a random user attempts this as a username on my system?

Hoping for answers.

Kind regards,
Paul.
