Re: How to get sftp more secure?

Hello,

tech11 a écrit :

SSH is good to use, but it lead out one safety question, if you keep port '22' open, someone may use sftp to transfer data, it's not permited in our LAN, how to resove the question?

If you mean to disable the sftp function on your sshd daemon, just comment out the following line in /etc/ssh/sshd_config :

Subsystem sftp /usr/lib/sftp-server

The 'sshd_config' and 'sftp-server' manpages should tell you about the details. But keep in mind that there are other means than sftp to transfer data over SSH.

Either if have a way to recode the data transfer, just like vsftpd doing, I may check the recode and get to know what's happening, it'll be acceptable also.

Huh ?
.

Relevant Pages

  • Two NIC Configuration Help Needed
    ... LAN. ... Both cards apparently are functioning properly. ... I can access SFTP and control via VNC from the private LAN ...
    (alt.os.linux.suse)
  • Two NIC Configuration Help Needed
    ... second one in on an private internal LAN. ... Both cards apparently are functioning properly. ... I can access SFTP and control via VNC from the private LAN ...
    (comp.os.linux.networking)
  • Re: NFS or SCP ??
    ... > Is this something you would normally do using NFS? ... There are numerous ways to transfer data, ... SSH (SFTP, SCP) ...
    (comp.os.linux.security)
  • Re: How to get sftp more secure?
    ... '22' open, someone may use sftp to transfer data, it's not permited in our ... Either if have a way to recode the data ... To disable sftp, you can eliminate the Subsystem sftp line from ... I always recommend moving the ssh port away from 22 just because ...
    (comp.os.linux.security)
  • Re: How to get sftp more secure?
    ... '22' open, someone may use sftp to transfer data, it's not permited in our ... Just remove the sftp subsystem from sshd_config, ... ssh protocol 2 only, reload ssh, done. ... it can do for you in regards to logging file transfers. ...
    (comp.os.linux.setup)