Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I want to know about the basic differences between sftp and vsFTPd.
I found out some differences but my basic doubt is:
How is vsFTP functionally different/"more secure" from sftp.
well they are totally different protocols. sftp emulates the ftp synatx, but it's not actually ftp at all, just running through ssh instead. you can ftp (with or without ssl) to a vsftpd server, but you can't ftp to an sftp server, you only sftp / scp to it, so your client needs very different capabilities.
Advantage of VSFTP is that it has built-in jail functionality, so a user can only access the homedirectory and not snoop around in other directories; this requires one line in the config file.
You can achieve the same with sftp, but it requires significant more work.
Another difference is that FTP by nature is insecure while SFTP is secure. FTP also has another variant called FTPS (FTP over SSL) that is a secure form of FTP.
For a server that supports all the protocols FTP, FTPS, SFTP etc. you might take a look at JSCAPE Secure FTP Server.
Sftp is probably more robust than FTP, HOWEVER, it has one very significant drawback.
sftp users by default can see directories and files of other users and for example can download files that ends up in /tmp
It is possible to jail users on versions of openssh after 4.9 but this is not (properly) supported by RH5 or Centos 5. It requires serious hacking to get it to work and no solution offers simple maintenance. All solutions require compiling of code.
So ftp may be the only answer in cases where you dont want users snooping around.
Hi.
I know it's a dead thread but hopefully someone can find this interesting.
There are now several guides on the net on howto configure OpenSSH to work
with a chrooted SFTP server.
I found this one to work easiest for me.
See the last bullit to configure using built-in options.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.