Secure file transfer in linux without SSH?

Solution 1

The good old File Transfer Protocol (FTP) was invented for transferring files. To use it in a secure way, you can use ftps (which is not sftp, but ftp over ssl) or set up a vpn connection for security.

When I search for vsftpd+ssl, this is the first result which seems like a reasonable starting point.

Solution 2

The following is simple and awesome:

python -m SimpleHTTPServer 8888

This starts a new http file server for the current directory. Suppose there is a file named foo in the current directory; you can download it like this:

wget http://your.ip.here:8888/foo

Solution 3

You could set up a WebDAV file system over SSL.

Solution 4

You can use any protocol, even unencrypted and without authentication. All you have to do is sign and encrypt your data before you send it:

gpg --armor --local-user senderkey --recipient recipientkey --sign --encrypt cleartextfile

If you are paranoid about login possibilities on the target you can use a combination of

  1. some network event (that does not open a connection) which is logged by Netfilter (iptables)
  2. a wget call which is triggered by the logging and gets the file from some web server (the OpenPGP file probably needs to always have the same name then)
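
The receiving side of the gpg command above, as an added example that is not part of the original answer: the file is accepted only if it decrypts and carries a valid signature from the expected sender. EXPECTED_FPR (a constructed placeholder fingerprint), check_gpg_status and receive are hypothetical names.

```sh
#!/bin/sh
# Receiver-side acceptance check for a file made with `gpg --sign --encrypt`.
# Constructed placeholder: replace with the sender's real primary-key fingerprint.
EXPECTED_FPR="0123456789ABCDEF0123456789ABCDEF01234567"

# check_gpg_status FPR
# Reads `gpg --status-fd` lines on stdin. Succeeds only if the data decrypted
# AND carries a valid signature whose primary-key fingerprint equals FPR.
check_gpg_status() {
    want=$1 decrypted=no signer_ok=no
    while read -r tag keyword rest; do
        [ "$tag" = "[GNUPG:]" ] || continue
        case $keyword in
            DECRYPTION_OKAY) decrypted=yes ;;
            VALIDSIG)
                # Last VALIDSIG field is the primary-key fingerprint; if gpg
                # omits it the comparison fails and the file is refused.
                if [ "${rest##* }" = "$want" ]; then signer_ok=yes; fi ;;
            BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG|DECRYPTION_FAILED)
                return 1 ;;
        esac
    done
    [ "$decrypted" = yes ] && [ "$signer_ok" = yes ]
}

# receive IN OUT: decrypt IN, keep OUT only when the status check passes.
receive() {
    status=$(mktemp) || return 1
    rm -f "$2.tmp"
    gpg --batch --status-fd 3 --output "$2.tmp" --decrypt "$1" \
        3>"$status" 2>/dev/null
    if check_gpg_status "$EXPECTED_FPR" <"$status"; then
        mv "$2.tmp" "$2"; rc=0
    else
        rm -f "$2.tmp"; rc=1   # unsigned, wrong signer, or tampered
    fi
    rm -f "$status"
    return "$rc"
}
```

Checking the signer's fingerprint matters because the recipient's public key is public: anyone can produce a file that decrypts correctly, so successful decryption alone says nothing about who sent it.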

Solution 5

Seems to me you should be able to restrict the user to just sftp by adding a command="..." directive to the user's authorized_keys file. We're doing that at $work to restrict some user accounts to just rsync.

There's a write-up at http://troy.jdmz.net/rsync/index.html that lays out the process for rsync.
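
A sketch of the command="..." restriction described above, as an added example that is neither the answerer's setup nor the script from the linked write-up. The wrapper name rsync-only, its path and the key line in the comment are placeholders.

```sh
#!/bin/sh
# Forced-command wrapper. Installed with an authorized_keys entry such as
# (path, key material and comment are placeholders):
#   command="/usr/local/bin/rsync-only",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 AAAA...placeholder client@example
# sshd then runs this script for every session on that key and puts whatever
# the client asked for in SSH_ORIGINAL_COMMAND.

# allowed_command CMD: succeed only for an rsync server-mode invocation.
allowed_command() {
    # Character whitelist: quotes, ;, |, &, $, backticks, newlines etc. are refused.
    left=$(printf '%s' "$1" | LC_ALL=C tr -d 'A-Za-z0-9 ._/=,+:@-' | wc -c)
    [ "$left" -eq 0 ] || return 1
    # By default an rsync client talking over ssh requests "rsync --server ...".
    case $1 in
        "rsync --server "*) return 0 ;;
        *) return 1 ;;
    esac
}

main() {
    if allowed_command "${SSH_ORIGINAL_COMMAND:-}"; then
        set -f                        # no glob expansion of client-supplied words
        exec $SSH_ORIGINAL_COMMAND    # split into words, never re-parsed by a shell
    fi
    logger -t rsync-only "refused: ${SSH_ORIGINAL_COMMAND:-interactive login}"
    echo "This key may only be used for rsync." >&2
    exit 1
}

# Act only when invoked under the installed (placeholder) name, so the
# function above can be loaded and tested without side effects.
case ${0##*/} in
    rsync-only) main ;;
esac
```

The wrapper only decides which program may start; what rsync can then read or write is still governed by the account's filesystem permissions.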

Author by

guipy

C/C++ programmer, Linux focused.

Updated on September 18, 2022

Comments

  • guipy
    guipy almost 2 years

    I want to transfer files between two machines over the internet, in a SECURE way. Both machines have Linux (the "server" uses Ubuntu 12 and the "client" uses Mint 14). I DO NOT want to allow ssh to my server, and I want the client to be able to open and read files on the server, but it cannot modify/erase things. The client is allowed to copy files to the server [or create files there] and copy from the server.

    I want to share just some directories on my server in the way explained above. Finally, I want to access files on the client in an easy fashion, like GUI mode or something... not using a shell, but instead using a Windows-like style (as if my remote folder were a local one, but with restricted access as explained above).

    Being secure to me means that the connection must be encrypted, and the login could use some private/public key scheme.

    What's the best solution for me? I'm trying to find some SFTP configuration that fits my "specification", but the restriction in access is too "peculiar"... I don't even know if SFTP works without allowing ssh.

    Thanks very much for any help...

    EDIT: Thanks very very much for your help. I really appreciate this! I will evaluate all answers and try to figure out the best solution. By now, I think creating a user that has restricted access/privileges and allowing ONLY this user to do an ultra-secured SSH/SFTP is the best way... "hacks" to avoid ssh really can make things worse (less secure). My question is a little bit confusing because my "logic" was a little disturbed. Now I can see more clearly...

    • ceejayoz
      ceejayoz about 11 years
      @DanilaLadner Did you read the second-to-last paragraph, which talks about SFTP?
    • Chopper3
      Chopper3 about 11 years
      I want a pony but you can't always get what you want - how about a VPN and some permissions?
    • Kruug
      Kruug about 11 years
      Would Dropbox/Google Drive/SkyCloud/etc. be an option?
    • egorgry
      egorgry about 11 years
      VPN seems like the only sane option here based on what I'm reading but my question is why are you opposed to ssh? It's pretty solid and secure when set up correctly. You can use denyhosts, lock it down a million ways, change default port etc.
    • Johnsyweb
      Johnsyweb about 11 years
      If you could explain your aversion to ssh, it may make it easier to suggest an alternative, but ssh and rsync are likely to be the best possible solution here.
    • guipy
      guipy about 11 years
      @egorgry: Interesting...it's possible to only allow my client [that will be fixed, same pc always!] to do sftp/ssh on my server? By the way, thanks to you all for helping me...
    • Danila Ladner
      Danila Ladner about 11 years
      Sure, quite possible.
    • guipy
      guipy about 11 years
      @Johnsyweb: It seems that rssh, from the link you've posted, can do part of the job [avoiding ssh login, allow only sftp]. But what about the file restriction access? SFTP can deal with it? Thanks a lot for helping me...
    • Darth Android
      Darth Android about 11 years
      sftp will have whatever file restriction access you set up with permissions on the filesystem. You can set up sftp such that certain accounts require a public key to log in, and can only access the sftp subsystem (not a shell). You might also try ftps, which is ftp's encrypted big brother. ftps+chroot would probably work here.
    • ZaSter
      ZaSter about 11 years
      The question is confusing. Just a tiny bit of research would find that SCP and SFTP are SSH-based programs. Yet your question asks how to "transfer without SSH", and at the same time you say that you are trying to find an SFTP configuration.
    • voretaq7
      voretaq7 about 11 years
      Please don't crosspost. You've asked this exact same question on SuperUser ...
    • ceejayoz
      ceejayoz about 11 years
      "Is there a way to limit the SSH access on my server, and then only my client could do ssh/sftp into it?" You mean like a key or strong passphrase? A hacky workaround solution is likely to be far less secure than a properly secured SSH install.
    • rougeExciter
      rougeExciter about 11 years
      Perhaps you're looking for the concept of a "sftp chroot jail"?
    • Michael Hampton
      Michael Hampton about 11 years
  • Danila Ladner
    Danila Ladner about 11 years
    Isn't webdav an extension of the HTTP protocol? So files on the disk will be owned by webserver user?