Yes, it is primitive, but I don't know of much better that enforces a secure connection other than scp -- which isn't an ftp client at all. My research for ACB is attached, but the main thing you'll get from it, I think, is the recommendations on Windows clients. What you want seems to be what the wu-ftpd folks call guest ftp. Under guest ftp, real users login with their real usernames and passwords, but are chroot'ed to their /home/ user directory trees. Their HOWTO is at: http://www.wu-ftpd.org/HOWTO/guest.HOWTO On Mon, 1 Apr 2002, Steve Holmes wrote: > That's right, We intend this to be a private FTP site with private users. > We just don't want them to be able to peek into other directories in which > they don't belong. If a different solution is more appropriate, I'm all > ears. I recall you did some research a while back for ACB and secured > FTP? Maybe we're barking up the wrong tree to secure the FTP sessions. If > SFTP is indeed the way to go, then I'm curious to know of good compatible > sftp clients for both linux and windows. The only thing I've used so far > was sftp which doesn't provide any progress status and is rather primitive > to me. That's basically it. > > On Mon, 1 Apr 2002, Janina Sajka wrote: > > > Hmmm, you're right. An sftp client request opens over ssh and launches > > sftp-server. > > > > So, now I've forgotten your earlier question. You wouldn't use this for > > anonymous logins, right? So, why restrict bonafide users on your system to > > uploads in certain directories? > > On Mon, 1 Apr 2002, Steve Holmes wrote: > > > > > I realize that, but when one uses SFTP for secured FTP sessions, they come > > > into ssh and as far as I can tell, no ftp servers are involved. Is this > > > the correct observation? If so, then my questions from my previous > > > questions still apply. I'm still wondering which windows ftp clients work > > > with sftp. FTP Voyager seems to support SSL incrypted ftp but seemingly > > > only with Serve-U server. I see no mention of sftp (part of ssh) for this > > > client. I also would like to see progress messages when I do sftp like > > > you get with ncftp but the standard sftp client doesn't seem to offer > > > this. I haven't had a chance to look at lftp to see if it is any better. > > > > > > I hope this is clearer now:). > > > > > > On Mon, 1 Apr 2002, Janina Sajka wrote: > > > > > > > Steve: > > > > > > > > sftp is a client, not a server. If you want to tighten ftp against known > > > > security issues, read the documentation provided with the ftp servers. > > > > There's no need to reinvent the wheel. > > > > On Sun, 31 Mar 2002, Steve Holmes > > > > wrote: > > > > > > > > > I know, this doesn't have to do with speakup but I have a question for > > > > > anyone who might have had some experience with Secured FTP (SFTP). So > > > > > far, I realize that SFTP is a subset of ssh so I don't think any of > > > > > the conventional FTP servers like proftp have any chips in the deal. > > > > > I'm setting such a thing up on a private machine for my friend and > > > > > haven't been able to find much on controling access and rights. What > > > > > I've done so far is to add users on this machine like any other shell > > > > > accounts but force their default directory to be /home/ftp instead of > > > > > /home/user-id. I then put some symbolic links in this ftp directory > > > > > to point to the various download areas. So far, the permissions look > > > > > good but I'd like to tighten things up a bit; I would like to "lock" > > > > > the users into the /home/ftp directory and subdirs. Another rinkle > > > > > here is the sym links. Once you cd to a symlinked directory, doing a > > > > > cd .. takes up from that point, and not back to where you were > > > > > before. One big disadvantage to symbolic links, I guess. > > > > > > > > > > Another question, are there any sftp clients out there for linux that > > > > > might be a bit better than the strait sftp command? I wish ncftp could > > > > > do it, but it doesn't look like it can. Also many of the future users > > > > > of this machine are from winblows; what are some good sftp clients for > > > > > winblows? Personally, I like FTP Voyager but 9.0 has SSL support but > > > > > does not appear to do sftp specifically. I think it may be locked > > > > > into connectivity with their own server, Serv-u. > > > > > > > > > > Any ideas on this stuff? > > > > > > > > > > _______________________________________________ > > > > > Speakup mailing list > > > > > Speakup at braille.uwo.ca > > > > > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > Speakup mailing list > > > Speakup at braille.uwo.ca > > > http://speech.braille.uwo.ca/mailman/listinfo/speakup > > > > > > > > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup > -- Janina Sajka, Director Technology Research and Development Governmental Relations Group American Foundation for the Blind (AFB) Email: janina at afb.net Phone: (202) 408-8175 Chair, Accessibility SIG Open Electronic Book Forum (OEBF) http://www.openebook.org
