Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Birdie wrote:

SSH: You'll still have to log on to SSH first, no? So either you chroot that SSH access to a specific directory and the problem doesn't occur, or you don't and you give the user access anyway.

Sure, but OpenSSH does not allow this AFAIK.

Or can you somehow force him / her to only use that SSH connection to subsequently start an FTP session over it?

I don't understand this.
Birdie

SSL: I think this is done because SSL can set up a secure connection for you without requiring a log-in. (Authentication is based on the SSL certificate.)

SSH: You'll still have to log on to SSH first, no? So either you chroot that SSH access to a specific directory and the problem doesn't occur, or you don't and you give the user access anyway. Or can you somehow force him / her to only use that SSH connection to subsequently start an FTP session over it?
martin

Re: sftp vs. ftp tunneled through ssh

zskillz wrote:

Hey all, I couldn't think of a better place to ask this really. In reading up on how sftp works, it seems that a common problem/complaint is that there is no way to chroot users to a specific directory.

But it is not limitation of SFTP. It is limitation of the most used SFTP server, the one shipped with OpenSSH. Commercial SFTP servers allow this.

I'm sure it's possible to just tunnel FTP through ssh (both the communications and data channels), but I'm curious why I don't see more people doing this.

I haven't heard of this. FTP is usually tunneled thru SSL. I do not know if it has any reason or if it is just custom.
zskillz

sftp vs. ftp tunneled through ssh

Hey all, I couldn't think of a better place to ask this really. In reading up on how sftp works, it seems that a common problem/complaint is that there is no way to chroot users to a specific directory. I would really like to have the functionality/power or normal FTP and the security of ssh.

I'm sure it's possible to just tunnel FTP through ssh (both the communications and data channels), but I'm curious why I don't see more people doing this.

thoughts?

-Z