Hi everyone! I have made an ftp server with vsftpd with local user authentication, and everything works fine. I want to use sftp, not ftp. When using ftp the users are jailed in their home dir /srv/ftp/ and they can't see other files. If I log in with sftp the user can see all system files. The problem is, how can I make it work for sftp too?
Any help will be appreciated!
Cheers!
First of all you should be aware there is a bit of confusion over the acronym sftp.
sftp usually means file transfer over ssh and is handled by the openssh software as a protocol extension, but some people think it is related to ftp. No, it isn't. Different protocol, different port.
However there is something which is sometimes called sftp, but I prefer to call ftp over ssl, or ftps. This is related to ftp in the same way pop3 is related to pop3s, imap is related to imaps, etc, and in fact is supported by vsftpd.
Now as for a home directory jail for sftp, it is not possible with the stock ssh package. You have to apply a patch to the source (there are several suggested ones floating around the net but none is official I think), and then compile a new sftp server program.
ftp over ssl can do home directory jails. But you need to use an ftp client, not an ssh client, to connect. Filezilla and gftp are suitable.
And if you are behind a NAT firewall, ftps has some complications involving port forwarding, over and above the hassles of reaching an ftp server through a firewall.
So both paths have hassles.
Thanks for the reply! I know it's a different protocol and uses port 22 instead of 21. The firewall is not a problem now, I can configure it. So you are saying that ftp over ssl supports home jail. All I want to do is make a secure connection (a secure login and an encrypted transfer). It's not necessary to use a different protocol like sftp; like I said, a secure connection and users to be jailed in their home dir /srv/ftp.
Cheers!
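A vsftpd.conf fragment for the setup discussed in this thread: local users jailed under /srv/ftp with both login and data transfer forced over ftp over ssl. This is an added example, not part of the original posts; the certificate paths, the passive port range and the commented-out address are placeholders to replace with your own values.

```conf
# --- Local users only, jailed in /srv/ftp (the directory named in the thread) ---
anonymous_enable=NO
local_enable=YES
write_enable=YES
# Chroot every local user after login so they cannot leave the jail.
chroot_local_user=YES
# Jail root. Recent vsftpd versions refuse a jail root that the user can
# write to, so keep /srv/ftp itself read-only and give users a writable
# subdirectory inside it.
local_root=/srv/ftp

# --- ftp over ssl (ftps) ---
ssl_enable=YES
# Placeholder paths: point these at your own certificate and key.
rsa_cert_file=/etc/ssl/certs/vsftpd-example.pem
rsa_private_key_file=/etc/ssl/private/vsftpd-example.key
# Reject plaintext logins and plaintext data connections for local users,
# so neither passwords nor file contents cross the network unencrypted.
force_local_logins_ssl=YES
force_local_data_ssl=YES
allow_anon_ssl=NO
# Disable the obsolete SSL protocol versions.
ssl_sslv2=NO
ssl_sslv3=NO

# --- Passive mode behind a NAT firewall ---
# With an encrypted control channel the firewall cannot read the PASV reply
# and open ports on the fly, so pin a fixed range and forward it (together
# with port 21) to this server. The range below is an assumption.
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=50100
# Public address to advertise to clients when behind NAT (constructed
# documentation address; uncomment and set to your external IP).
#pasv_address=203.0.113.10
```

Connect with an ftp client that supports explicit TLS (the thread names Filezilla and gftp); a client that attempts a plaintext login should be refused.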