[mdlug] sftp on centos 6 expert wanted
Adam Tauno Williams
awilliam at whitemice.org
Thu Jan 26 05:46:38 EST 2012
On Wed, 2012-01-25 at 23:52 -0500, Jeff Hanson wrote:
> I'm too busy to get involved with this and I haven't used CentOS/Red
> Hat/Fedora much so I can only offer some observations based on my
> Ubuntu build.
I use CentOS in production... there really isn't anything involved in
setting up an SFTP server. Just start the SSH service.
> OpenSSH would be the way to go with the "ChrootDirectory" directive
> and key-based authentication.
Pretty much.
> Basically they would need to create a GPG key pair (ssh-keygen) and
SSH keys pairs aren't GPG/PGP key pairs; they're just SSH key pairs.
Same principals though.
> send you the public key to add to the sshd key file
> (~/.ssh/authorized_keys on Ubuntu). To connect they just need to:
> sftp -o IdentityFile=$HOME/.ssh/id_dsa -o Port=<port #> <server username>@URL
Isn't IdentityFile= just automatic? I never have to enter that
[although I do almost all my sftp work via Nautilus].
You can also set alternate ports, logins, etc... using the ~/.ssh/config
file.
> It could get complicated if you need to automate chroot directory
> creation and mounting across multiple servers. If these will be
> pre-configured then the ssh configuration should be relatively easy
> Have a look at this:
> http://en.wikibooks.org/wiki/OpenSSH/Cookbook/SFTP#Chrooted_SFTP-Only_Accounts
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://mdlug.org/pipermail/mdlug/attachments/20120126/17ace98f/attachment-0001.sig>
More information about the mdlug
mailing list