Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SFTP Design
Top Forums UNIX for Advanced & Expert Users SFTP Design Post 303017144 by Bagpuss on Thursday 10th of May 2018 05:11:26 AM
Old 05-10-2018
Question SFTP Design
Hi all,

I'm seeking an efficient and secure means of providing multiple named users access to files by their functional areas. For security, I've chosen SFTP using key pair authentication.

The general principle is we have multiple users as follows:
  1. We have two type of files for Function A and Function B
  2. Users A and B in Team X can get/put both Function A files and Function B files
  3. Users C and D in Team Y can get/put only Function A files
  4. Users E and F in Team Z can get/put only Function B files

Directory structure would be:
Code:
../Files/FunctionA
../Files/FunctionB

I want to ensure users A and B can access all files so was thinking their home directory would be Files and they'd be a member of groups FunctionA and FunctionB

The other users would be members of the appropriate group and their home directory would be the equivalent directory

I'd imagine using a chroot jail to limit access if necessary?

Considering the need to create .ssh directories, I'm just a bit unsure if this heading the right way design-wise or whether there are better ways to do this without compromising security.

SFTP file server not available yet so just thinking through the approach - any thoughts/suggestions welcome!
Last edited by rbatte1; 05-10-2018 at 08:29 AM..
 

7 More Discussions You Might Find Interesting

1. Programming

C++ class design

Can anybody tell me what is the best website or books to read for getting good knowledge in doing C++ class design. Please leave cplusplus.com or bjorne stroustrup. Other than these is there any website or book. Please do tell me (0 Replies)
Discussion started by: dhanamurthy
0 Replies

2. Programming

c++, design patterns and Unix

I know this is C Unix section, still I address a C++ question. How often did you see/use/apply or consider is welcome to write C++ code on Unix, based on 'design patters'? Since I'm at the very beginning with Unix programming, I have this doubt, ... about DP techniques and languages where to apply... (3 Replies)
Discussion started by: mihk
3 Replies

3. Shell Programming and Scripting

I want to design a program

i want to make a shell program. This program i give a current day and the result is to appear the celebrity and birthday(birthday and celebration is 2 txt files). In addition this procedure must do for a space day in future or past depend on user choice. Finally the program can run and as... (2 Replies)
Discussion started by: mytilini boy
2 Replies

4. Shell Programming and Scripting

shell design

i want to design the shell for some basic commands such as cp mkdir rm mv etc... so please let me know how to start and wich all books to refer and if any body is having the model just mail me at, devskamat018@gmail.com:) i will be waiting please reply soon (1 Reply)
Discussion started by: devaray
1 Replies

5. Shell Programming and Scripting

SFTP-how to log individual sftp command error while executing shell script

Hi, I have situation where i need to automate transferring 10000+ files using sftp. while read line do if ; then echo "-mput /home/student/Desktop/folder/$line/* /cygdrive/e/folder/$line/">>sftpCommand.txt fi done< files.txt sftp -b sftpCommand.txt stu@192.168.2.1 The above... (1 Reply)
Discussion started by: noobrobot
1 Replies

6. Red Hat

Chroot sftp users, remote sftp login shows wrong timestamp on files

Hello, I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration. #pwd... (8 Replies)
Discussion started by: bobby320
8 Replies

7. Shell Programming and Scripting

Sftp : not able to print the echo statements after the sftp transfer

I had the below sftp script working perfectly but the problem is I am not able to send the echo statements . #!/bin/sh echo "Starting to sftp..." sftp admin@myip << END_SCRIPT cd /remotepath/ lcd /localpath/ mget myfiles*.csv bye END_SCRIPT echo "Sftp successfully." echo echo... (11 Replies)
Discussion started by: scriptscript
11 Replies

LEARN ABOUT X11R4

sftp-server

sftp-server(1M)                                           System Administration Commands                                           sftp-server(1M)

NAME

       sftp-server - SFTP server subsystem

SYNOPSIS

       /usr/lib/ssh/sftp-server

DESCRIPTION

       sftp-server implements the server side of the SSH File Transfer Protocol as defined in the IETF draft-ietf-secsh-filexfer.

       sftp-server is a subsystem for sshd(1M) and must not be run directly. There are no options or config settings.

       To enable the sftp-server subsystem for sshd add the following to /etc/ssh/sshd_config:

       Subsystem   sftp     /usr/lib/ssh/sftp-server

       See sshd_config(4) for a description of the format and contents of that file.

       There is no relationship between the protocol used by sftp-server and the FTP protocol (RFC 959) provided by in.ftpd.

EXIT STATUS

       The following exit values are returned:

       0        Successful completion.

       >0       An error occurred.

FILES

       /usr/lib/sftp-server

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWsshdu                    |
       +-----------------------------+-----------------------------+
       |Interface Stability          |Evolving                     |
       +-----------------------------+-----------------------------+

SEE ALSO

       sftp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), sshd_config(4), attributes(5)

       To  view  license  terms,  attribution,  and  copyright  for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the
       Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
       location.

AUTHOR

       Markus Friedl

SunOS 5.10                                                          30 Jul 2003                                                    sftp-server(1M)
All times are GMT -4. The time now is 08:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy