Re: [Sheflug] secure transfer to remote site.

["Marcus D. Hanwell" <linux [at] xxxxxxxxx>]

Chris Johnson wrote:

> > Department of Tortuous Solutions: get the client to mail the
> > server when
> > it's created the script.  Then get the server to ftp the file
> > from the
> > client.
> >
> >    
> Thanks for those solutions (?) I'll see what I can sort out with them.
> Although I don't believe in "obscurity is security" it might end up being
> that way as this is just an interim project gathering data from many sites
> to see if a full project is required.  I'm trying to minimise the number of
> files required at the client site and minimise any client input as this can
> only lead to problems ;0)
>  
You could also use rssh (http://rssh.sourceforge.net/) and set up a user 
with only scp/sftp access, and set up the passwordless log on as 
suggested by Bill Best. Give that user a directory, and only allow it to 
write to that one directory. Then the worst that could happen is a 
hacker could read/write lots of files to that one directory...

Should work pretty well - and be pretty secure so long as you only use 
that account for this and restrict it to the rssh shell.
___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

 GNU the choice of a complete generation.