Secure File Upload

Robbie Bow robbiebow at gmail.com
Fri Nov 13 03:35:50 PST 2009


2009/11/12 Tom Hukins <tom at eborcom.com>:
> 1) Make the process as easy as possible for the uploader
> 2) Reduce the risk to my system, should the account become compromised
> 3) Reduce the chance of making the account compromised (encryption)
>

The lazy web suggests adding /path/to/openssh/sftp-server to
/etc/shells, making that the shell for the user, and then they can
only run SFTP commands, so any attempt at shell access will be
useless.


More information about the MiltonKeynes-pm mailing list