sftp – Page 5 – WindowsTechs.com

How does a client authenticate an SFTP server if there are no keys shared in advance?

Posted on November 10, 2017 by Jaxidian

For FTPS, we rely on the DNS and public PKI to authenticate the FTP server when we first connect. On the first connection, foo.example.com resolves to 1.2.3.4 and my connection comes back encrypted by a private key that I can… Continue reading How does a client authenticate an SFTP server if there are no keys shared in advance?→

SSH and SFTP Setup using sshd_config

Posted on July 26, 2017 by Kyhle Ohlinger

I am aware that this is security through obscurity, however this is for training purposes and will not be accessible via the Internet. It will merely be used as an internal tool.

I have looked at the following link:
How to d… Continue reading SSH and SFTP Setup using sshd_config→

Is it safe to use this embedded ftp server?

Posted on July 13, 2017 by oɔɯǝɹ

We are using a software suite for automation of FTP traffic. It uses the Apache Mina FtServer component as an embedded FTP server (for FTPS and SFTP).

The use of this library has been flagged as a security concern. The reaso… Continue reading Is it safe to use this embedded ftp server?→

How to lock down Windows machine, so it ONLY accepts SFTP connections and RDP?

Posted on June 25, 2017 by user3703618

I am looking for guidance on how to lock down a Windows machine as much as possible and only allow two things to run:

SFTP Server
Remote connections for maintenance.

The purpose of this is a remote backup server (over the… Continue reading How to lock down Windows machine, so it ONLY accepts SFTP connections and RDP?→

Does an unused ftp account pose a security risk?

Posted on June 16, 2017 by Jacob Henning

I’m using BlueHost and have a few websites on my hosting. I decided to stop being lazy and start implementing some better security policies on my own part.

Since FTP isn’t secure, I changed to SFTP. The odd thing is that Blu… Continue reading Does an unused ftp account pose a security risk?→

Editing php files in web browser

Posted on June 10, 2017 by Marko Dakič

For some reason my notepad++ can’t connect via SFTP since yesterday so I was thinking about editing my site via CPanel file manager which has https.

I never thought about editing my site in this way, so I’m wondering if it’… Continue reading Editing php files in web browser→

How safe is it to edit PHP files in Web browser via CPanel?

Posted on June 10, 2017 by Marko Dakič

For some reason my Notepad++ can’t connect via SFTP since yesterday so I was thinking about editing my site via CPanel file manager which has HTTPS.

I never thought about editing my site in this way, so I’m wondering if it’… Continue reading How safe is it to edit PHP files in Web browser via CPanel?→

Client sent me an OpenPGP key; I need to generate key for SSH authentication on FTP server

Posted on May 3, 2017 by nvergos

One of my responsibilities is the monitoring of our company’s SFTP sever, and making sure our clients upload the files we need from them daily. Until now they had username/password access, but we want to migrate to public key access for se… Continue reading Client sent me an OpenPGP key; I need to generate key for SSH authentication on FTP server→

Sending credit-card numbers through SFTP?

Posted on April 11, 2017 by gonisimchuk

I need to send credit-card numbers and other information through SFTP. What considerations should I have? Recommendations? Is valid encrypt this numbers? What does PCI say about this?

Continue reading Sending credit-card numbers through SFTP?→

How to secure SFTP against symlink attack?

Posted on March 16, 2017 by Mirsad

I’ve configured SFTP on my virtual machine, because I wanted to test how can I use symlink in order to access files outside from user home directory.

I’ve created user:

test:x:1003:1001::/var/www/test/public:/bin/false

Ow… Continue reading How to secure SFTP against symlink attack?→