ftp file access security

ssh security ftp

Solution 1:

FTP is inherently insecure as it transmits everything en clair.

As you already have ssh then either use scp or sftp both of which leverage the ssh protocol. You can even use clients like filezilla to connect to your sftp server.

If not already enabled, you can add

Subsystem sftp /usr/lib/openssh/sftp-server

to your /etc/ssh/sshd_config file to to so.

You can further lock down the specific user by adding directives to the sshd_config (if that's needed)

Match User alice
  # Force the connection to use SFTP and chroot to the required directory.
  ForceCommand internal-sftp
  ChrootDirectory /home/alice
  # Disable tunneling, authentication agent, TCP and X11 forwarding.
  PermitTunnel no
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

That would only let alice connect using sftp and not ssh/scp.

Related

Connecting to iSCSI Target
Complex Exchange 2010 to Office 365 Migration with multiple domains
Good reference for Cisco Resilient Ethernet Protocol [closed]
Quorum Disk size for Windows 2008R2 failover
Empty error on starting almost-default PostgreSQL
Setup Postfix with SMTP-AUTH over SASL2 with SASLDB for users to send emails
Azure Linux VM name resolution
How can I disable the security warning when launching shortcuts stored in the user's profile stored on the server?
Do disconnected remote desktop sessions lock accounts?
Nginx. Using redirects with regular expressions
Freenas - Expanding volume
Setting up mongodb via upstart - how to pass options?