[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: safe remote upload-only access

rlharris@hal-pc.org wrote:
> What is a good, secure way to give a remote user on a Windows machine
> access to a Debian machine so that he may upload proprietary files
> every few days?
> ...
> I have considered rsync, scp, and setting up a ftp server.  My primary
> concern is safety of the Debian host.

Here is one thought.  I would write a small web form to be uploaded to
through https.  Everything can do http these days.  But that would
require some small amount of web development in order to put that in
place.  But once done then it is simple to use for the windows user
since it is simply a web form upload and secure for your machine.  The
advanced user can use wget/curl to automate uploads.

Here is another thought.  I would have the ms-windows user use ftp to
upload the files into a blind drop directory.  I would put the entire
thing into a chroot for extra security.  Then add a checking task to
ensure that warez isn't uploaded there, basically just check that only
the expected files are there and report anything otherwise.
Supporting this takes someone to keep an eye on it but it isn't
difficult and is also quiet easy for others to use.


Attachment: signature.asc
Description: Digital signature

Reply to: