RE: OpenSSH and FTP



I understand what scp does, but the issue here is that our ftp proxy is
completely custom. It authenticates the user against an oracle database,
and performs TCP/IP communications with another process to determine the
location of a virtual directory to place and retrieve files for the user
logging in. So, I can't just use SCP without our ftp proxy. That is why I
was looking for a way to have the sshd process interact with our ftp proxy.


As for sftp, I agree that it would be a better fit, but we are locked into
using an scp client because of a customer requirement.

Thanks to all of those who have responded to my question. It looks like the
consensus so far is that it is not a good idea to attempt this.

-----Original Message-----
From: Javier Reyna Padilla [mailto:jreyna@xxxxxxxxxxxxxx]
Sent: Monday, October 02, 2006 5:50 PM
To: Jack Curtin
Cc: 'secureshell@xxxxxxxxxxxxxxxxx'
Subject: Re: OpenSSH and FTP

If you need to download/upload files,I think you can do that just with
scp, you can remove ftp and use just scp, rhe problem is that no much
people is familiarized with scp ( I don't know why!! Is a very common
tool), Otherwise, why don't you chech the new feature in Openssh sftp,
it is included in the new version.

http://www.openssh.com/txt/release-4.4

Jack Curtin wrote:
[Reposting in plain text as requested, sorry about that.]

Hi,

We have an application that allows users to login and submit/receive files
through a custom FTP proxy server. We support most FTP clients. We now
need to be able to support an SCP client (such as WinSCP). I thought it
might be possible to use OpenSSH's sshd as an SSH wrapper for my FTP proxy
server. What I want to do is perform an ftp connect at session start, an
ftp login for password authentication, and then an ftp put or get for
sending or receiving files.

Questions:

Is this a bad idea? Is there a more straightforward way to accomplish
this?

I'm working my way through the code, but could you provide some guidance
on
the locations where I would need to add in my FTP logic as described
above?


Thanks in advance for any help.


Jack Curtin
Senior Software Engineer -- Team Lead
M2 Systems Corporation
"Elite Software Engineering"
850 Trafalgar Court
Suite 100
Maitland, Florida 32751
Phone: (407) 551.1310 Fax: (407) 551.1423
E-Mail: jackcurtin@xxxxxxxxxxx




Relevant Pages

  • Re: CARP and em0 timeout watchdog
    ... size and just scp testfile* to the other box). ... connect to 192.168.0.19 using ftp where ftp ... only slightly related to CPU speed on reasonably modern CPUs. ... Transfers over the LAN should not be impacted by this. ...
    (freebsd-stable)
  • Re: Linux FTP Security
    ... Use SSH and scp, sftp ext... ... WS_FTP Pro does FTP over SSL. ... > FTP does not send passwords in clear text. ...
    (comp.os.linux.security)
  • Re: two problems with OpenSSH and scp
    ... It may be that you actually have network problems causing what you see. ... SCP is, of course, encrypting the information across the wire. ... Of course, the reason I say it may be coincidence, is that you are having ... And FTP should be plain, ...
    (comp.security.ssh)
  • Re: [PHP] uploading really big files
    ... One also could imagine a write-only account, either in FTP or SCP ... I know I've seen this in FTP, and I don't see any reason SCP ...
    (php.general)
  • Re: Linux FTP Security
    ... Is there any open-source server and client for it? ... Most of my users cannot and will not switch to SCP. ... FTP does not send passwords in clear text. ... about open-source and refuse to support SCP. ...
    (comp.os.linux.security)