{"id":1720,"date":"2013-08-21T15:15:47","date_gmt":"2013-08-21T15:15:47","guid":{"rendered":"http:\/\/wiki.davelevy.info\/?p=1720"},"modified":"2023-06-24T16:26:49","modified_gmt":"2023-06-24T16:26:49","slug":"file-transfer","status":"publish","type":"post","link":"https:\/\/davelevy.info\/wiki\/file-transfer\/","title":{"rendered":"File Transfer"},"content":{"rendered":"<p>I need to revise file transfer over TCP\/IP. This article consists of links on encryption, sftp man pages, restricting shell escapes, sshd, ssh keys, restarts and scp.<!--more--><\/p>\n<p>How to encrypt the channel?<\/p>\n<ul>\n<li><a href=\"http:\/\/stackoverflow.com\/questions\/2517252\/transfer-file-over-ssh\">See http:\/\/stackoverflow.com\/questions\/2517252\/transfer-file-over-ssh<\/a><\/li>\n<li><a href=\"http:\/\/superuser.com\/questions\/134901\/whats-the-difference-between-scp-and-sftp\">http:\/\/superuser.com\/questions\/134901\/whats-the-difference-between-scp-and-sftp<\/a><\/li>\n<li><a href=\"https:\/\/www.openssh.com\/manual.html\">http:\/\/www.openssh.org\/manual.html,<\/a> lists and links the manual page<\/li>\n<\/ul>\n<p>The sftp man pages are as follows,<\/p>\n<ul>\n<li>http:\/\/linux.die.net\/man\/1\/sftp<\/li>\n<li><a href=\"http:\/\/linux.die.net\/man\/5\/vsftpd.conf\">http:\/\/linux.die.net\/man\/5\/vsftpd.conf<\/a><\/li>\n<\/ul>\n<p>With FTP there exist both shell escapes and commands that need to be restricted, such as cd and mget\/mput<\/p>\n<p>chroot jails might be useful<\/p>\n<ul>\n<li><a href=\"http:\/\/linux.about.com\/cs\/linux101\/g\/chrootlparjailr.htm\">http:\/\/linux.about.com\/cs\/linux101\/g\/chrootlparjailr.htm<\/a><\/li>\n<li><a href=\"http:\/\/linux.die.net\/man\/5\/rssh.conf\">http:\/\/linux.die.net\/man\/5\/rssh.conf<\/a><\/li>\n<\/ul>\n<p>do we still have restricted shells<\/p>\n<ul>\n<li><a href=\"http:\/\/linux.die.net\/man\/5\/rssh.conf\">http:\/\/linux.die.net\/man\/5\/rssh.conf<\/a><\/li>\n<li>http:\/\/www.cyberciti.biz\/tips\/linux-unix-restrict-shell-access-with-rssh.html<\/li>\n<\/ul>\n<p>seems to work<\/p>\n<p>For various reasons, I checked the sshd documentation<\/p>\n<ul>\n<li><a href=\"http:\/\/linux.die.net\/man\/8\/sshd\">http:\/\/linux.die.net\/man\/8\/sshd<\/a><\/li>\n<li><a href=\"https:\/\/web.archive.org\/web\/20190512003945\/http:\/\/www.manpagez.com:80\/man\/8\/sshd\/\">http:\/\/www.manpagez.com\/man\/8\/sshd<\/a><\/li>\n<li><a href=\"https:\/\/web.archive.org\/web\/20190515075941\/http:\/\/www.manpagez.com:80\/man\/5\/sshd_config\/\">http:\/\/www.manpagez.com\/man\/5\/sshd_config<\/a><\/li>\n<\/ul>\n<p>it can be run in file transfer mode, not yet found if it can do restart?<\/p>\n<p>Dealing with keys is obviously the same, here&#8217;s <a title=\"chou on ssh keys\" href=\"https:\/\/web.archive.org\/web\/20200315062901\/http:\/\/www.ece.uci.edu:80\/~chou\/ssh-key.html\">Prof. Chou on the subject<\/a>. Here&#8217;s <a title=\"ssh server in the home from lifehacker\" href=\"http:\/\/lifehacker.com\/205090\/geek-to-live--set-up-a-personal-home-ssh-server\">a link from lifehacker about how to set up an ssh server<\/a> in the home. It has a compare and contrast with FTPS i.e. FTP over SSL and thus talks about x.509 certs.<\/p>\n<p>http:\/\/lifehacker.com\/205090\/geek-to-live&#8211;set-up-a-personal-home-ssh-server<\/p>\n<p>And here&#8217;s the Ubuntu Page, <a href=\"https:\/\/web.archive.org\/web\/20150210124449\/https:\/\/help.ubuntu.com\/10.04\/serverguide\/ftp-server.html\">https:\/\/help.ubuntu.com\/10.04\/serverguide\/ftp-server.html<\/a><\/p>\n<p>While looking up transfer restart, I came across some references to an IETF RFC. Another idea would be to split the file, sftp it and then cat it back together again, thus ensuring that an FTP was restartable from the failing chunk to the end of file.<\/p>\n<p>Here&#8217;s a note on SCP vs SFTP<\/p>\n<ul>\n<li><a href=\"http:\/\/superuser.com\/questions\/134901\/whats-the-difference-between-scp-and-sftp\">http:\/\/superuser.com\/questions\/134901\/whats-the-difference-between-scp-and-sftp<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>I need to revise file transfer over TCP\/IP. This article consists of links on encryption, sftp man pages, restricting shell escapes, sshd, ssh keys, restarts and scp.<\/p>\n","protected":false},"author":1,"featured_media":8321,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","_share_on_mastodon":"0"},"categories":[8,3],"tags":[564,484,384,573,54,916,563,12,572,571,911,40,574],"class_list":["post-1720","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-technology","tag-encryption","tag-file-sharing","tag-ftp","tag-ftps","tag-howto","tag-linux","tag-scp","tag-security","tag-sftp","tag-ssh","tag-technology","tag-unix","tag-x509"],"share_on_mastodon":{"url":"","error":""},"jetpack_featured_media_url":"https:\/\/davelevy.info\/wiki\/wp-content\/uploads\/2013\/08\/files-absolutevision-unsplash-w1280.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/posts\/1720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/comments?post=1720"}],"version-history":[{"count":19,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/posts\/1720\/revisions"}],"predecessor-version":[{"id":5977,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/posts\/1720\/revisions\/5977"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/media\/8321"}],"wp:attachment":[{"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/media?parent=1720"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/categories?post=1720"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/davelevy.info\/wiki\/wp-json\/wp\/v2\/tags?post=1720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}