SFTP Design Post: 303017144

Sponsored Content

Top Forums UNIX for Advanced & Expert Users SFTP Design Post 303017144 by Bagpuss on Thursday 10th of May 2018 05:11:26 AM

05-10-2018

Registered User

SFTP Design

Hi all,

I'm seeking an efficient and secure means of providing multiple named users access to files by their functional areas. For security, I've chosen SFTP using key pair authentication.

The general principle is we have multiple users as follows:

We have two type of files for Function A and Function B
Users A and B in Team X can get/put both Function A files and Function B files
Users C and D in Team Y can get/put only Function A files
Users E and F in Team Z can get/put only Function B files

Directory structure would be:

Code:

../Files/FunctionA
../Files/FunctionB

I want to ensure users A and B can access all files so was thinking their home directory would be Files and they'd be a member of groups FunctionA and FunctionB

The other users would be members of the appropriate group and their home directory would be the equivalent directory

I'd imagine using a chroot jail to limit access if necessary?

Considering the need to create .ssh directories, I'm just a bit unsure if this heading the right way design-wise or whether there are better ways to do this without compromising security.

SFTP file server not available yet so just thinking through the approach - any thoughts/suggestions welcome!

Last edited by rbatte1; 05-10-2018 at 08:29 AM..

Bagpuss

View Public Profile for Bagpuss

Find all posts by Bagpuss

7 More Discussions You Might Find Interesting

1. Programming

C++ class design

Can anybody tell me what is the best website or books to read for getting good knowledge in doing C++ class design. Please leave cplusplus.com or bjorne stroustrup. Other than these is there any website or book. Please do tell me

2. Programming

c++, design patterns and Unix

I know this is C Unix section, still I address a C++ question. How often did you see/use/apply or consider is welcome to write C++ code on Unix, based on 'design patters'? Since I'm at the very beginning with Unix programming, I have this doubt, ... about DP techniques and languages where to apply...

3. Shell Programming and Scripting

I want to design a program

i want to make a shell program. This program i give a current day and the result is to appear the celebrity and birthday(birthday and celebration is 2 txt files). In addition this procedure must do for a space day in future or past depend on user choice. Finally the program can run and as...

4. Shell Programming and Scripting

shell design

i want to design the shell for some basic commands such as cp mkdir rm mv etc... so please let me know how to start and wich all books to refer and if any body is having the model just mail me at, devskamat018@gmail.com:) i will be waiting please reply soon

5. Shell Programming and Scripting

SFTP-how to log individual sftp command error while executing shell script

Hi, I have situation where i need to automate transferring 10000+ files using sftp. while read line do if ; then echo "-mput /home/student/Desktop/folder/$line/* /cygdrive/e/folder/$line/">>sftpCommand.txt fi done< files.txt sftp -b sftpCommand.txt stu@192.168.2.1 The above...

6. Red Hat

Chroot sftp users, remote sftp login shows wrong timestamp on files

Hello, I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration. #pwd...

7. Shell Programming and Scripting

Sftp : not able to print the echo statements after the sftp transfer

I had the below sftp script working perfectly but the problem is I am not able to send the echo statements . #!/bin/sh echo "Starting to sftp..." sftp admin@myip << END_SCRIPT cd /remotepath/ lcd /localpath/ mget myfiles*.csv bye END_SCRIPT echo "Sftp successfully." echo echo...

LEARN ABOUT OSX

createhomedir

createhomedir(1)					    BSD General Commands Manual 					  createhomedir(1)

NAME

     createhomedir -- create and populate home directories on the local computer.

SYNOPSIS

     createhomedir [-scbalh] [-n directoryDomainName] [-u username]

DESCRIPTION

     createhomedir provides several options for creating and populating home directories.

OPTIONS

     -s       creates home directories for server home paths only (default).

     -c       creates home directories for local home paths only.

     -b       creates home directories for both server and local home paths.

     -a       creates home directories for users defined in all directory domains of the server's search path.

     -l       creates home directories for users defined in the local directory domain.

     -n directoryDomainName
	      creates home directories for users defined in a specific directory domain in the server's search path.

     -u username
	      creates a home directory for a specific user defined in the domain(s) identified in the -a, -l, or -n parameter. If you omit the -a,
	      -l, and -n parameters when you use the -u parameter, -a is assumed.

     -i       reads username list from standard input and creates specified home directories. Each username should be on its own line.

     -h       usage help.

FILES

     /usr/sbin/createhomedir			   location of tool

CAVEATS

     When using the -a option, search limits of various directory servers (such as Open Directory or Active Directory) can prevent all possible
     home directories from being created. In this case, you may need to specify the usernames explicitly.

Mac OS X							   June 1, 2019 							  Mac OS X