|
>Hi, > I have a unique ssh/sftp requirement. I have two networks >separated by a firewall. I would like to allow anyone on my "internal" >network to ssh to my "external" network but I would like to control who >is allowed to sftp/scp files from my internal network to my external >network. How can I do this? Is there a way to do this if my firewall >doesn't support controlling such an activity? Will setting up some kind >of internal proxy/port forwarding server do the trick? > >The version that I am using is: >OpenSSH_4.1, OpenSSL 0.9.7e 25 Oct 2004 >HP-UX Secure Shell - A.04.00.000 Hello Jim, The sftp/scp commands internally make use of ssh for remote connection. So you can't control sftp/scp providing access only to ssh. For scp, the remote machine (sshd) invoke scp process and for sftp it invokes sftp-server subsystem. So you can completely disable sftp/scp by removing them in the remote system. But that happens only after Authenticating the user :( regards, Visolve Security Consulting Group. |
- Unique ssh/sftp requirement Odaniel, Jim (Mission Systems)
- Re: Unique ssh/sftp requirement Robert Hajime Lanning
- Re: Unique ssh/sftp requirement Landry Brunel
- Re: Unique ssh/sftp requirement Johan De Meersman
- Re: Unique ssh/sftp requirement Visolve Security Consulting Group
