Advantage -vs- Disadvantage: SFTP -vs- SCP
m.seaman at infracaninophile.co.uk
Fri Aug 27 05:19:49 UTC 2010
On 26/08/2010 23:07:35, Ed Flecko wrote:
> I have a server I'm building that is internet accessible and I'm
> wondering if there's any advantages/disadvantages of using either SFTP
> -vs- SCP?
> My primary concern is overall security of the server (even if that
> means inconveniencing the end users), and I'm wondering if one method
> might be better than the other?
It depends what you mean by SFTP. If you mean the SSH sub-system (file
transfer tunnelled over SSH using a client which works like the FTP
client), then there is no practical difference in security compared to
scp(1). sftp(1) and scp(1) are very similar over the wire and
server-side: it's just the client interface that's different.
On the other hand, if you mean crusty old FTP tarted up with some SSL
trappings -- which should really be called FTPS, but lots of people are
confused about the naming -- then *run away*. It may run over SSL, but
it has all of the design flaws of regular FTP plus the fact that it's
over SSL means you can't even use firewall proxies like ftp-proxy(8).
If you want a means of secure upload that can be used natively from
windows, try WebDAV. You can, in theory, mount a WebDAV directory as a
partition in Windows, although this is a lot more painful than it needs
to be. (As they say: with Windows, failure is not an option). The same
thing on a Mac works beautifully, but then it's Unix already and you can
just use sftp or scp natively from Terminal.app. See the appendix to
the SVN manual for some useful hints:
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matthew at infracaninophile.co.uk Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20100827/6a226688/signature.pgp
More information about the freebsd-questions