LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   sftp versus vsFTPd (https://www.linuxquestions.org/questions/linux-software-2/sftp-versus-vsftpd-590454/)

indiancosmonaut 10-09-2007 02:25 AM
sftp versus vsFTPd
 
Hi,

I want to know about the basic differences between sftp and vsFTPd.
I found out some differences but my basic doubt is:
How is vsFTP functionally different/"more secure" from sftp.

Thanks in advance!

Kind regards,

indiancosmonaut

acid_kewpie 10-09-2007 03:15 AM
well they are totally different protocols. sftp emulates the ftp synatx, but it's not actually ftp at all, just running through ssh instead. you can ftp (with or without ssl) to a vsftpd server, but you can't ftp to an sftp server, you only sftp / scp to it, so your client needs very different capabilities.

Wim Sturkenboom 10-09-2007 04:43 AM
Advantage of VSFTP is that it has built-in jail functionality, so a user can only access the homedirectory and not snoop around in other directories; this requires one line in the config file.
You can achieve the same with sftp, but it requires significant more work.

vglass 11-26-2007 11:56 AM
ftp v.s. sftp
 
Another difference is that FTP by nature is insecure while SFTP is secure. FTP also has another variant called FTPS (FTP over SSL) that is a secure form of FTP.

For a server that supports all the protocols FTP, FTPS, SFTP etc. you might take a look at JSCAPE Secure FTP Server.

http://www.jscape.com/secureftpserver/

YouNix 08-20-2010 12:46 PM
SFTP vs FTP
 
Sftp is probably more robust than FTP, HOWEVER, it has one very significant drawback.
sftp users by default can see directories and files of other users and for example can download files that ends up in /tmp
It is possible to jail users on versions of openssh after 4.9 but this is not (properly) supported by RH5 or Centos 5. It requires serious hacking to get it to work and no solution offers simple maintenance. All solutions require compiling of code.
So ftp may be the only answer in cases where you dont want users snooping around.

briar354 01-10-2011 11:24 PM
Time changes everything
 
Hi.
I know it's a dead thread but hopefully someone can find this interesting.
There are now several guides on the net on howto configure OpenSSH to work
with a chrooted SFTP server.

I found this one to work easiest for me.
See the last bullit to configure using built-in options.


http://www.minstrel.org.uk/papers/sftp/



Cheers


All times are GMT -5. The time now is 01:05 PM.