 |
 |
sftp and ftpchroot
|
|
|
|
|
Dedicated MacNNer
Join Date: Jul 2002
Location: Norway
Status:
Offline
|
|
Hello, I've wanted to do encrypted and secure file transfers, so ftp was not my thing, sftp to the rescue !! I've made a sftp user only, and managed to only allow him access to sftp, thx macosxhints. Now, I'm looking for some ftpchroot for sftp. First I got this top from #linux at undernet irc. They said rssh was the thing, man it looked good. But after some reading on his site, it said that BSD and OS X was no good. Then I tried scponly, but nothing. Then I tried flash ( http://www.netsoc.ucd.ie/flash/ ) , but nothing, even though the configure file did complete. Now I am kinda empty for clues. Can you help me ?? I think not only I wonder about this, sftp is really great !!
|
|
Mac Pro 2 x 2.8 GHz Quad-Core, Nvidia GeForce 8800GT
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2001
Location: Mahwah, NJ USA
Status:
Offline
|
|
Originally posted by Johnny_B:
Hello, I've wanted to do encrypted and secure file transfers, so ftp was not my thing, sftp to the rescue !! I've made a sftp user only, and managed to only allow him access to sftp, thx macosxhints. Now, I'm looking for some ftpchroot for sftp. First I got this top from #linux at undernet irc. They said rssh was the thing, man it looked good. But after some reading on his site, it said that BSD and OS X was no good. Then I tried scponly, but nothing. Then I tried flash ( http://www.netsoc.ucd.ie/flash/ ) , but nothing, even though the configure file did complete. Now I am kinda empty for clues. Can you help me ?? I think not only I wonder about this, sftp is really great !!
Even better:
rsync [options] -e ssh SOURCE user@DEST:/path
See man rsync for more info. It should already be on your system (Mac OS X 10.2.x and above).
rsync is both secure AND smart.
|
|
-DU-...etc...
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jul 2002
Location: Norway
Status:
Offline
|
|
Well, does rsync have the "ftpchroot" feature ?
And it is not I who is gonna use it, but some Windows user, Amiga users, Linux users, and so on.
I've used RsyncX as a backup tool between two servers, and that was great. But I don't know with regular file transfers, if rsync is the thing.
|
|
Mac Pro 2 x 2.8 GHz Quad-Core, Nvidia GeForce 8800GT
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2001
Location: Mahwah, NJ USA
Status:
Offline
|
|
Originally posted by Johnny_B:
Well, does rsync have the "ftpchroot" feature ?
No, why would it need it?
It does, by default, connect to the users home folder. It can also connect to any folder that the user has read permissions to. IOW it has no less (nor more) security for the system than for users who have shell accounts. Even if you don't normally allow shell accounts you don't basically gain or loose any security by using ftpchroot.
And it is not I who is gonna use it, but some Windows user, Amiga users, Linux users, and so on.
There are most definitely rsync clients and servers for Linux. There are clients for Windows. Amiga users??? By Amiga users I assume you mean they are running AmigaOS, yes? AmigaOS has sftp? If you mean that they are running BSD on their Amiga then, yes, they also can use rsync.
I've used RsyncX as a backup tool between two servers, and that was great. But I don't know with regular file transfers, if rsync is the thing.
Yep rsync is excellent for backups. It is far far better than ftp. rsync is NOT an interactive tool like ftp/sftp. The user can not noodle around a file system getting and putting files here and there.
However... the way(s) I use it:
I maintain various websites both personal and professional. Naturally I keep these various websites organized in their own folders on my home or work machine. The folder for a given website on my desktop machine (at home or at work) is a mirror of the folder for that site on the webserver. Let's call it, say, MyBiz/webfolder. When I make changes on my desktop machine to the contents of that folder that may cover multiple files in various subfolders.. then test it locally... to use an ftp/sftp type client to upload these all these changes to the website is time consuming and error prone. I would have to drill around for all the changes and make sure I upload all of them otherwise something may break. With rsync it is as simple as syncing the entire MyBiz/webfolder, thus:
rsync -auvz --delete -e ssh MyBiz/webfolder/ user@website:MyBiz/webfolder
A few seconds later all my changes are uploaded faithfully to the website... and ONLY the changes.
If you read the manpage for rsync or google around for more information you can find many more examples.
It may seem complicated and cryptic at first but compare the time learning how to use the tool correctly to the time users spend futzing around with an interactive tool like ftp/sftp and rsync comes out the winner IMO. If you like you could even make an alias or script or whatever to make it even easier for your users.
BTW IIRC ftpchroot was broken in Mac OS X 10.2.x. I believe it has been fixed in 10.3
|
|
-DU-...etc...
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
