Am Sat, 29 Apr 2017 20:30:03 +0100 schrieb lee <l...@yagibdah.de>: > Danny YUE <sheepd...@gmail.com> writes: > > > On 2017-04-25 14:29, lee <l...@yagibdah.de> wrote: > >> Hi, > >> > >> since the usage of FTP seems to be declining, what is a replacement > >> which is at least as good as FTP? > >> > >> I'm aware that there's webdav, but that's very awkward to use and > >> missing features. > > > > What about sshfs? It allows you to mount a location that can be > > accessed via ssh to your local file system, as if you are using > > ssh. > > Doesn't that require ssh access? And how do you explain that to ppl > finding it too difficult to use Filezilla? Is it available for > Windoze?
Both, sshfs and scp, require a full shell (that may be restricted but that involves configuration overhead on the server side). You can use sftp (FTP wrapped into SSH), which is built into SSH. It has native support in many Windows clients (most implementations use PuTTY in the background). It also has the advantage that you can easily restrict users on your system to SFTP-only with an easy server-side configuration. > > Also samba can be a replacement. I have a samba server on my OpenWRT > > router and use mount.cifs to mount it... > > Does that work well, reliably and securely over internet connections? It supports encryption as transport security, and it supports kerberos for secure authentication, the latter is not easy to setup in Linux, but it should work with Windows clients out-of-the-box. But samba is a pretty complex daemon and thus offers a big attack surface for hackers and bots. I'm not sure you want to expose this to the internet without some sort of firewall in place to restrict access to specific clients - and that probably wouldn't work for your scenario. But you could offer access via OpenVPN and tunnel samba through that. By that time, you can as easily offer FTP, too, through the tunnel only, as there should be no more security concerns now: It's encrypted now. OpenVPN also offers transparent compression which can be a big plus for your scenario. OpenVPN is not too difficult to setup, and the client is available for all major OSes. And it's not too complicated to use: Open VPN connection, then use your file transfer client as you're used to. Just one simple extra step. -- Regards, Kai Replies to list-only preferred.
