homepage Welcome to WebmasterWorld Guest from 54.205.189.156
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Secure way to FTP as root?
JohnKelly




msg:913506
 2:06 am on Apr 18, 2004 (gmt 0)

Running RedHat Enterprise on a dedicated box, and I'd like to be able to transfer files such as httpd.conf rather than edit via shell. Is their a secure way to do this?

Also, can PHP script under one vhost read/write files under another vhost? I have several domains with ads, and like to run a tracking script common to them all.

 

MattyMoose




msg:913507
 3:25 am on Apr 18, 2004 (gmt 0)

Don't use FTP. Period.
There's no reason to use FTP, since everything is in clear-text (username/password/data). The chances of someone sniffing the network on either end and obtaining your u/p are slim, but why take the risk?

Use SCP instead. There are many graphical front-ends for scp. Your username and password are encrypted along with the rest of the traffic.

the format from teh command line (*NIX box) is simple:
scp locafilename.tgz remotehost:/path/to/remote/location

You can also set up authorized keys to use, so you don't even have to enter in your username and password, it's all based off of your public key (SSH key). Although not so secure as well, if you trust the box you're on, it can be a time saver.

easy. :)

-MM

bcc1234




msg:913508
 3:48 am on Apr 18, 2004 (gmt 0)

Don't use SCP. Period.

It uses SSH version 1 which has flaws.

Use SFTP, which uses SSH version 2 to do the same thing.

dingman




msg:913509
 4:40 am on Apr 18, 2004 (gmt 0)

Matty is right. Never use FTP. It is *only* excusable for anonymous use, and I'd try to avoid it there, too, for different reasons. If there is a username and a password, then you shouldn't be using FTP.

However, you can safely use most modern FTP clients to transfer files using the SFTP capabilities of the SSH2 protocol. Off the top of my head, I know for sure that Transmit (Mac) and CuteFTP (Windows) support it, as does gFTP (Linux/Unix). Depending on the program, it may be called "SFTP", "Secure FTP", or "SSH2". These are all the same thing, and can be used with the OpenSSH server that is installed by default anymore on any *nix system worthy of the name, including RHEL 3. If you don't need anonymous FTP, you can just uninstall your FTP server, and I recommend you do just that.

Better yet, for your purposes, run a local X server. Then you can just ssh to the server and run your editor from the command line, but get a pretty local-looking editor window that you can point and click at to your hart's content, without ever downloading and uploading the file. I do this all the time, and it's my favorite way to deal with small changes to remote files.

Unix desktops run X for their graphical interfaces anyway. (Unless they are Macs.) On Windows it's a bit harder, and I haven't used Windows in too long to tell you how. On a Mac, either install Fink (fink.sourceforge.net, I think) or if you have OS 10.3, just install the X server from the 3rd disk.

As for PHP scripts working on files in different vhosts, sure thing. The PHP script has access to the machine's file system. There might be file ownership and permission issues to work out, but it can certainly be done.

dingman




msg:913510
 4:44 am on Apr 18, 2004 (gmt 0)

bcc: you can safely use scp over protocol 2. Just make sure that the client and server are both configured for it. I think the default is still to fall back to protocol 1 if the other end can't do 2, but both client and server can be set up to simply refuse to participate in a protocol 1 session. It's how I configure all of mine, and scp still works.

bcc1234




msg:913511
 4:54 am on Apr 18, 2004 (gmt 0)

dingman, I know. I was just messing with MattyMoose's response.

Marcus Aurelius




msg:913512
 8:50 pm on Apr 18, 2004 (gmt 0)

Free program called winscp looks just like ftp and will work for ssh2 protocol.

JohnKelly




msg:913513
 3:00 am on Apr 20, 2004 (gmt 0)

Thanks for all the tips... I've downloaded winscp and it looks like it will do the trick :)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved