Re: SFTP questions



On Sep 18, 5:38 am, Nico Kadel-Garcia <nka...@xxxxxxxxx> wrote:
On Sep 17, 7:21 pm, Dadoo <dadoo3...@xxxxxxxxx> wrote:

Hmm. Would a 'pull' model, with the clients pulling from an HTTPS
based source control system like Subversion or git work better? That
keeps the umask part of the client's setup in the client's
configuration.

I'm not sure. I'd have to check with my clients. It would, at the very
least, require a significant change in the way they do things, which
I'd obviously like to avoid. If I can get them to sign off on it,
though, it might be worth a try.

Your concerns about signatures are understandable, but
somewhat misplaced. Externally signed keys and signature authorities
are far, far too easy to buy or steal, and historically rather
difficult to revoke.

That's interesting. I wasn't aware of that. That will involve more
change, but since it will only be having a client log in manually once
(to accept the key), that might be doable.

Thanks for your help.
.