Hmmm, you're right. An sftp client request opens over ssh and launches sftp-server. So, now I've forgotten your earlier question. You wouldn't use this for anonymous logins, right? So, why restrict bonafide users on your system to uploads in certain directories? On Mon, 1 Apr 2002, Steve Holmes wrote: > I realize that, but when one uses SFTP for secured FTP sessions, they come > into ssh and as far as I can tell, no ftp servers are involved. Is this > the correct observation? If so, then my questions from my previous > questions still apply. I'm still wondering which windows ftp clients work > with sftp. FTP Voyager seems to support SSL incrypted ftp but seemingly > only with Serve-U server. I see no mention of sftp (part of ssh) for this > client. I also would like to see progress messages when I do sftp like > you get with ncftp but the standard sftp client doesn't seem to offer > this. I haven't had a chance to look at lftp to see if it is any better. > > I hope this is clearer now:). > > On Mon, 1 Apr 2002, Janina Sajka wrote: > > > Steve: > > > > sftp is a client, not a server. If you want to tighten ftp against known > > security issues, read the documentation provided with the ftp servers. > > There's no need to reinvent the wheel. > > On Sun, 31 Mar 2002, Steve Holmes > > wrote: > > > > > I know, this doesn't have to do with speakup but I have a question for > > > anyone who might have had some experience with Secured FTP (SFTP). So > > > far, I realize that SFTP is a subset of ssh so I don't think any of > > > the conventional FTP servers like proftp have any chips in the deal. > > > I'm setting such a thing up on a private machine for my friend and > > > haven't been able to find much on controling access and rights. What > > > I've done so far is to add users on this machine like any other shell > > > accounts but force their default directory to be /home/ftp instead of > > > /home/user-id. I then put some symbolic links in this ftp directory > > > to point to the various download areas. So far, the permissions look > > > good but I'd like to tighten things up a bit; I would like to "lock" > > > the users into the /home/ftp directory and subdirs. Another rinkle > > > here is the sym links. Once you cd to a symlinked directory, doing a > > > cd .. takes up from that point, and not back to where you were > > > before. One big disadvantage to symbolic links, I guess. > > > > > > Another question, are there any sftp clients out there for linux that > > > might be a bit better than the strait sftp command? I wish ncftp could > > > do it, but it doesn't look like it can. Also many of the future users > > > of this machine are from winblows; what are some good sftp clients for > > > winblows? Personally, I like FTP Voyager but 9.0 has SSL support but > > > does not appear to do sftp specifically. I think it may be locked > > > into connectivity with their own server, Serv-u. > > > > > > Any ideas on this stuff? > > > > > > _______________________________________________ > > > Speakup mailing list > > > Speakup at braille.uwo.ca > > > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > > > > > > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > -- Janina Sajka, Director Technology Research and Development Governmental Relations Group American Foundation for the Blind (AFB) Email: janina at afb.net Phone: (202) 408-8175 Chair, Accessibility SIG Open Electronic Book Forum (OEBF) http://www.openebook.org
