Re: logging file names with sftp

On Thu, Sep 03, 2009 at 11:26:57AM -0500, Derek Martin wrote:
The logging of individual file transfers arguably buys you very little
though, because the users are legitimate users who are authenticated.
This is generally quite a different situation from FTP installations,
where often the users are anonymous

If I understand correctly, many people run an sftp service which is
essentially an encrypted, NAT-capable version of anonymous FTP. They
offer files (or file hosting space) to a large group of barely-trusted
people, and want to limit or track abuse of the service.

The encryption may be used to prevent spying upon the traffic by
people outside the group.

The ability of sftp to sit behind a NAT firewall (which FTP cannot do --
not with a straight NAT without special hacks) may be essential to
many sites.

Relevant Pages

  • Re: firewalls that can ssl ftp?
    ... Secure Transfers ... Bruce Schneier's Blowfish encryption for data transfers. ... Secure SSL based Web Administration Portal ... Works with other FTP Clients/Servers ...
  • RE: Encryption for FTP/MAil/Web
    ... Subject: Encryption for FTP/MAil/Web ... Tunneling ftp through ssh ... ssl-ftp can encrypt the control & data channel; ... As for ssl-ftp servers, I only found one RFC compliant one for Windows; ...
  • Re: How to secure FTP?
    ... >> So I am also hearing in this thread that secure FTP isn't really ... It's meant more for encryption than anything else? ... > and password are required by the server in order to log on, ... > other mechanisms (such as SSL) that are supported by a number of third ...
  • RE: Encryption for FTP/MAil/Web
    ... Subject: Encryption for FTP/MAil/Web ... SSH only encrypts the authentication process, ... Im not quite sure on what SSL FTP daemons are out there, ...
  • Re: Secure FTP hosting
    ... A number of FTP hosting ... > SSL encryption which only protects files IN TRANSIT; ... using an encrypted FTP client is the way to go; ... > upload folder to a different folder or delete the files from the local PC ...