SFTP Design


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users SFTP Design
# 1  
Old 05-10-2018
Question SFTP Design

Hi all,

I'm seeking an efficient and secure means of providing multiple named users access to files by their functional areas. For security, I've chosen SFTP using key pair authentication.

The general principle is we have multiple users as follows:
  1. We have two type of files for Function A and Function B
  2. Users A and B in Team X can get/put both Function A files and Function B files
  3. Users C and D in Team Y can get/put only Function A files
  4. Users E and F in Team Z can get/put only Function B files

Directory structure would be:
Code:
../Files/FunctionA
../Files/FunctionB

I want to ensure users A and B can access all files so was thinking their home directory would be Files and they'd be a member of groups FunctionA and FunctionB

The other users would be members of the appropriate group and their home directory would be the equivalent directory

I'd imagine using a chroot jail to limit access if necessary?

Considering the need to create .ssh directories, I'm just a bit unsure if this heading the right way design-wise or whether there are better ways to do this without compromising security.

SFTP file server not available yet so just thinking through the approach - any thoughts/suggestions welcome!

Last edited by rbatte1; 05-10-2018 at 08:29 AM..
# 2  
Old 05-10-2018
Code:
mkdir /home/teamX
cd /home/teamX #home directory of users A and B
mkdir teamY      #home directory of users A
mkdir teamZ      #home directory of users B

# 3  
Old 05-10-2018
Why have you chosen SFTP ?

If you require PUT / GET operations on directories with user management, i would go HTTPS.
There are open and free solutions on multiple platforms offering REST api nowdays.

If you do use SFTP, be sure your users do not have working shell and are chrooted.
As for shared directory, you could use mount bind option, if available.

There are other ways as well, depending on your operating system, which you should specify.

Hope that helps
Regards
Peasant.
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Sftp : not able to print the echo statements after the sftp transfer

I had the below sftp script working perfectly but the problem is I am not able to send the echo statements . #!/bin/sh echo "Starting to sftp..." sftp admin@myip << END_SCRIPT cd /remotepath/ lcd /localpath/ mget myfiles*.csv bye END_SCRIPT echo "Sftp successfully." echo echo... (11 Replies)
Discussion started by: scriptscript
11 Replies

2. Red Hat

Chroot sftp users, remote sftp login shows wrong timestamp on files

Hello, I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration. #pwd... (8 Replies)
Discussion started by: bobby320
8 Replies

3. Shell Programming and Scripting

SFTP-how to log individual sftp command error while executing shell script

Hi, I have situation where i need to automate transferring 10000+ files using sftp. while read line do if ; then echo "-mput /home/student/Desktop/folder/$line/* /cygdrive/e/folder/$line/">>sftpCommand.txt fi done< files.txt sftp -b sftpCommand.txt stu@192.168.2.1 The above... (1 Reply)
Discussion started by: noobrobot
1 Replies

4. Shell Programming and Scripting

shell design

i want to design the shell for some basic commands such as cp mkdir rm mv etc... so please let me know how to start and wich all books to refer and if any body is having the model just mail me at, devskamat018@gmail.com:) i will be waiting please reply soon (1 Reply)
Discussion started by: devaray
1 Replies

5. Shell Programming and Scripting

I want to design a program

i want to make a shell program. This program i give a current day and the result is to appear the celebrity and birthday(birthday and celebration is 2 txt files). In addition this procedure must do for a space day in future or past depend on user choice. Finally the program can run and as... (2 Replies)
Discussion started by: mytilini boy
2 Replies

6. Programming

c++, design patterns and Unix

I know this is C Unix section, still I address a C++ question. How often did you see/use/apply or consider is welcome to write C++ code on Unix, based on 'design patters'? Since I'm at the very beginning with Unix programming, I have this doubt, ... about DP techniques and languages where to apply... (3 Replies)
Discussion started by: mihk
3 Replies

7. Programming

C++ class design

Can anybody tell me what is the best website or books to read for getting good knowledge in doing C++ class design. Please leave cplusplus.com or bjorne stroustrup. Other than these is there any website or book. Please do tell me (0 Replies)
Discussion started by: dhanamurthy
0 Replies
Login or Register to Ask a Question