// archives

Archive for April, 2009

Secure File Transfer without Secure Shell

FTP (File Transfer Protocol) is the de-facto but unsecure method to transfer files. SSH (Secure Shell) and its family of services like SCP (Secure Copy) and SFTP (Secure FTP) allows you shell (telnet like) access as well as file transfer via SCP and SFTP, securely. By “securely” I mean the data is that flows across is encrypted including the username and password. SSH is a popular protocol for shell access and file transfer in the Linux world.

So given a choice, SCP/SFTP is a better option in terms of “security”. But enabling SFTP/SCP enables, by default, shell access too. Recently for one of my clients, the requirement was to use SCP instead of FTP while blocking shell access so that no user is able to login, in curiosity, nor could execute any program/script on the server, even by mistake. All they could do is to copy files across – from their desktop to the server and vice versa.  But, I could not find anything in  SSH configuration that barred SSH, while still allowing SCP. Read the rest of this entry »

GD Star Rating
loading...
GD Star Rating
loading...
Share

Recent Tweets

Follow Me on Twitter