I need to revise file transfer over TCP/IP. This article consists of links on encryption, sftp man pages, restricting shell escapes, sshd, ssh keys, restarts and scp.
How to encrypt the channel?
- See http://stackoverflow.com/questions/2517252/transfer-file-over-ssh
- http://superuser.com/questions/134901/whats-the-difference-between-scp-and-sftp
- http://www.openssh.org/manual.html, which lists and links the manual pages
The sftp man pages are as follows,
- http://linux.die.net/man/1/sftp
- http://linux.die.net/man/5/vsftpd.conf
With FTP there exist both shell escapes and commands that need to be restricted, such as cd and mget/mput.
Chroot jails might be useful.
Do we still have restricted shells?
- http://linux.die.net/man/5/rssh.conf
- http://www.cyberciti.biz/tips/linux-unix-restrict-shell-access-with-rssh.html
Seems to work.
For various reasons, I checked the sshd documentation
- http://linux.die.net/man/8/sshd
- http://www.manpagez.com/man/8/sshd
- http://www.manpagez.com/man/5/sshd_config
It can be run in file transfer mode; I have not yet found out whether it can do restart.
Dealing with keys is obviously the same; here’s Prof. Chou on the subject. Here’s a link from Lifehacker about how to set up an SSH server in the home. It has a compare and contrast with FTPS, i.e. FTP over SSL, and thus talks about X.509 certs.
http://lifehacker.com/205090/geek-to-live–set-up-a-personal-home-ssh-server
And here’s the Ubuntu Page, https://help.ubuntu.com/10.04/serverguide/ftp-server.html
While looking up transfer restart, I came across some references to an IETF RFC. Another idea would be to split the file, sftp it and then cat it back together again, thus ensuring that an FTP was restartable from the failing chunk to the end of file.
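The split-and-reassemble idea above, sketched as an added example (not code from the original post or from OpenSSH). It assumes `sha256sum` is available; `XFER` is a hypothetical transport hook taking a source and a destination, defaulting to `cp` so the script runs offline, and would be replaced by a wrapper around `sftp`.

```shell
#!/bin/sh
# Added example: restartable chunked transfer with an integrity manifest.
# XFER (assumption) is a command taking "SRC DST"; cp stands in for sftp here.

# split_file FILE OUTDIR [BYTES]: cut FILE into chunk.aaaa, chunk.aaab, ...
# and record a SHA-256 digest per chunk in OUTDIR/MANIFEST.
split_file() {
    src=$1; out=$2; size=${3:-1048576}
    mkdir -p "$out" || return 1
    split -b "$size" -a 4 "$src" "$out/chunk." || return 1
    ( cd "$out" && sha256sum chunk.* > MANIFEST )
}

# send_chunks OUTDIR DEST: transfer every chunk not yet recorded in
# OUTDIR/SENT. Stops at the first failure; rerunning resumes from that chunk.
# MANIFEST goes last, so its presence at DEST means all chunks were sent.
send_chunks() {
    out=$1; dest=$2; state="$out/SENT"
    touch "$state"
    while read -r sum name; do
        grep -qxF "$name" "$state" && continue   # delivered on an earlier run
        # </dev/null keeps the transport from eating the manifest on stdin
        ${XFER:-cp} "$out/$name" "$dest/$name" </dev/null || return 1
        echo "$name" >> "$state"
    done < "$out/MANIFEST"
    ${XFER:-cp} "$out/MANIFEST" "$dest/MANIFEST" </dev/null
}

# join_chunks DIR TARGET: verify every chunk against MANIFEST, then
# concatenate them in manifest order. Refuses to join on any mismatch.
join_chunks() {
    dir=$1; target=$2
    ( cd "$dir" && sha256sum -c MANIFEST >/dev/null 2>&1 ) || return 1
    while read -r sum name; do
        cat "$dir/$name"
    done < "$dir/MANIFEST" > "$target"
}
```

The manifest only detects corruption in transit; it is copied over the same channel as the chunks, so it is not a substitute for the authentication SSH already provides.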
Here’s a note on SCP vs SFTP