From owner-freebsd-questions@FreeBSD.ORG Thu Aug 26 22:52:56 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4C87F10656A6 for ; Thu, 26 Aug 2010 22:52:56 +0000 (UTC) (envelope-from bill@celestial.com) Received: from dorsai-02.celestial.com (dorsai-02.celestial.com [192.136.111.19]) by mx1.freebsd.org (Postfix) with ESMTP id D8E7A8FC13 for ; Thu, 26 Aug 2010 22:52:55 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by dorsai-02.celestial.com (Postfix) with ESMTP id 96C632072D8E for ; Thu, 26 Aug 2010 15:52:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at celestial.com Received: from dorsai-02.celestial.com ([127.0.0.1]) by localhost (dorsai-02.celestial.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id YdQa-BErMTLu for ; Thu, 26 Aug 2010 15:52:54 -0700 (PDT) Received: from ayn.mi.celestial.com (hayek.celestial.com [192.136.111.12]) by dorsai-02.celestial.com (Postfix) with ESMTP id 55A992072D87 for ; Thu, 26 Aug 2010 15:52:54 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by ayn.mi.celestial.com (Postfix) with ESMTP id 2E3CC68947902; Thu, 26 Aug 2010 15:52:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at mi.celestial.com Received: from ayn.mi.celestial.com ([127.0.0.1]) by localhost (ayn.mi.celestial.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id gFwP-95X9mzQ; Thu, 26 Aug 2010 15:52:54 -0700 (PDT) Received: by ayn.mi.celestial.com (Postfix, from userid 203) id 0EE87689478E8; Thu, 26 Aug 2010 15:52:54 -0700 (PDT) Date: Thu, 26 Aug 2010 15:52:54 -0700 From: Bill Campbell To: freebsd-questions@freebsd.org Message-ID: <20100826225253.GB2034@ayn.mi.celestial.com> Mail-Followup-To: freebsd-questions@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.19 OpenPKG/% (2009-01-05) Subject: Re: Advantage -vs- Disadvantage: SFTP -vs- SCP X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd@celestial.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Aug 2010 22:52:56 -0000 On Thu, Aug 26, 2010, Ed Flecko wrote: >Hi folks, >I have a server I'm building that is internet accessible and I'm >wondering if there's any advantages/disadvantages of using either SFTP >-vs- SCP? I would say that depends on what software the clients want to use. FileZilla works nicely with sftp, and is available on Windows, OS X, and I presume other *nix platforms (I'm a CLI guy so only have used it enough to be sure it works). One can also use the sshfs to provide the ability to mount remote file systems over an ssh connection. This requires nothing on the file server side other than working ssh. I haven't tried this on FreeBSD. On Linux it requires kernel support of fuse, user level file system. There's no reason one couldn't use both sftp and scp/sshfs. We generally don't allow any ssh password access, but require authorized_keys. In a few cases where the client absolutely insists on allowing password authentication, we lock it down to a limited set of IP addresses. We have been able to get many clients to use OpenVPN to make their connections which makes life easier after the initial setup as all connections are through the OpenVPN tunnel so we don't have to allow outside ssh access. Bill -- INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792 If you make yourselves sheep, the wolves will eat you -- Benjamin Franklin