LISTSERV mailing list manager LISTSERV 16.0

Help for LINUX-L Archives


LINUX-L Archives

LINUX-L Archives


LINUX-L@LISTS.UFL.EDU


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Monospaced Font

LISTSERV Archives

LISTSERV Archives

LINUX-L Home

LINUX-L Home

LINUX-L  2007

LINUX-L 2007

Subject:

Re: scp and sftp... rssh, scponly, or "other"

From:

"[log in to unmask]" <[log in to unmask]>

Reply-To:

[log in to unmask]

Date:

Mon, 11 Jun 2007 16:22:22 -0400

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (54 lines)

I believe that scp and sftp both require shell access. For example
setting the user's shell to /bin/false creates a home directory for the
user which can be used to store files for proftpd sessions, however the
user would not be able to ssh, sftp or scp files. What exactly is your
goal? Do you need encryption on file uploads without shell access for
your users? While not an ideal solution, by any means there are a number
of open source utilities that run from a web browser which can be put on
ssl (https) from which the user can upload and download files securely
(when coupled with an adequate auth mechanism) As for the utilities
mentioned, I don't have any experience with those programs. Also, be
aware that jail shell and (IIRC) chroot jails can be circumvented. Hope
this helps point you in the right direction.

Justin

Justin Moore
Systems Administrator
ProGifts, Inc.
3715-B NW 97th Blvd.
Gainesville, FL 32606
Phone: (352) 332-3833
Fax: (352) 332-8252
www.progifts.com



Dan Stoner wrote:
> I want to allow users to upload files using sftp and scp in a web
> hosting environment.
>
> I don't want to give full shell access.
>
>
>
> The most popular choices (via google search) are rssh, scponly, or
> chroot jail.
>
>
> If you allow scp in your web hosting environments, how do you prevent
> shell access?
>
>
> Or... tell me why scp and sftp are silly and we should just use xyz
> instead.
>
>
> Thanks,
>
> Dan Stoner
> Network Administrator
> Florida Museum of Natural History
> University of Florida
> (352)392-1721 ext. 233
> http://www.flmnh.ufl.edu

Top of Message | Previous Page | Permalink

Advanced Options


Options

Log In

Log In

Get Password

Get Password


Search Archives

Search Archives


Subscribe or Unsubscribe

Subscribe or Unsubscribe


Archives

2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997

ATOM RSS1 RSS2



LISTS.UFL.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager