Create File Server with SSH FTP capabilities

Status
Not open for further replies.

poertner_1274

Posts: 3,874   +3
As the title states, I am interested in delving into the *nix world.

I have 2 current needs

  1. Setup networked storage server for files/backups/etc.
  2. Setup secure FTP access to said files from anywhere (SSH?)

Does anyone have any suggestions? I was debating on doing this with Windows XP, but figured I'd give *nix a shot and see how it works & learn something at the same time.

My knowledge is very limited, but I have played with linux before.
 
SSH would be infinitely more secure than FTP, for sure.

There are numerous FTP clients that also supposed FTP over SSH, using SFTP or SCP. The interface is generally exactly the same: Username and password. One huge advantage of using SFTP/SCP is, if you are really into it, you can setup pre-shared keys, so you never have to use a username/password, so long as you have your proper keys on the client machine.

100% of Linux distros will have SSH, and the majority will have package options for NFS, CIFS or Samba, the latter two of which you can view on a Windows client. There are also plenty of free Windows SFTP/SCP utilities, like WinSCP.
 
SSH operates over port 22 and includes both FTP and Telnet protocols.

The server will need to open the firewall for 22 and CLOSE ports 20,21(normal FTP) & 23 (normal Telnet).

In addition, if you wish to support ONLY secure FTP, then you need to administor
the system to avoid Shell Access and also
to control if the remote user is allowed to upload.
 
? SSH does not include FTP or Telnet "protocols". SSH can initiate encrypted shell sessions and includes the SFTP and SCP protocols, which are inherently different, and more secure than, FTP and Telnet. It is not just "FTP over SSH".

http://en.wikipedia.org/wiki/SSH_file_transfer_protocol

SFTP is not FTP run over SSH, but rather a new protocol designed from the ground up by the IETF SECSH working group. It is sometimes confused with Simple File Transfer Protocol. [1]

If you want to restrict access to transferring of files only, you can install RSSH on your system and set the user's shell to that - it'll allow all SCP/SFTP functions normally but will disallow local shell access, while still being able to specify a proper home directory. It works better than making a user's shell something invalid, as it will process any other requests normally.
 
you're arguing nits. It has FTP and Telnet functionality, and as you've shown,
is not borrowing those protocols.

security and access are the issues, not the implementation :p
 
Status
Not open for further replies.
Back