Hey mpapet1!
Quote:
Originally Posted by mpapet
1. It sounds like your web server is in a DMZ. (it should be anyway) Please confirm.
|
This is correct. I actually have three networks (well 4 if you count my public IP from my DSL provider) One for my public wifi, one for my server, and one for my lan. M0n0wall (hardware based firewall) handles all routing between the networks. NOTHING is allowed (from the net) into the LAN or Wifi networks. Only SSH, http, POP3, and SMTP are allowed into the server network via NAT. (FTP is currently not allowed in from the net)
Quote:
2. I don't like punching holes in the dmz to do what you want so I would set up ssh access to your web server, then do sftp with plink using the web server's public IP/DNS address. (plink.exe should be included with putty if you download the entire installer)
|
This is what I thought I was going to have to do. Since I already have SSH setup, I just need to get sftp on the windows machine that I want to sftp into the server with. The Putty I have only lists, "RAW", "Telnet", "Rlogin", and "SSH" as protocols. While I'm not familiar with sftp, I'm assuming it is tunneling ftp traffic via SSH, correct? So nothing additional needs to be setup on the server other than SSH and FTP, correct?
Quote:
3. I'm a security nut, so I use public keys to access my ssh/sftp and move sshd to another port. Make sure whatever port you use is open on your firewall. If you stay with default port 22 you will be hammered by script kiddies.
|
I have had port 22 open FOREVER on my firewall so that I can SSH in. Maybe I should rethink that...
Now I have to figure out a way to automate all of this. I really don't want to have to manually do this every day...