4.16. Transferencia segura de archivos
During normal system administration one usually needs to transfer files in and out from the installed system. Copying files in a secure manner from a host to another can be achieved by using the ssh server package. Another possibility is the use of ftpd-ssl, a ftp server which uses the Secure Socket Layer to encrypt the transmissions.
Any of these methods need special clients. Debian does provide client software, such as scp
from the ssh package, which works like rcp
but is encrypted completely, so the bad guys cannot even find out WHAT you copy. There is also a ftp-ssl package for the equivalent server. You can find clients for these software even for other operating systems (non-UNIX), putty
and winscp
provide secure copy implementations for any version of Microsoft's operating system.
Note that using
scp
provides access to the users to all the file system unless
chroot
'ed as described in
Sección 5.1.1, “Chrooting ssh”. FTP access can be
chroot
'ed, probably easier depending on you chosen daemon, as described in
Sección 5.3, “Asegurando FTP”. If you are worried about users browsing your local files and want to have encrypted communication you can either use an ftp daemon with SSL support or combine clear-text ftp and a VPN setup (see
Sección 8.5, “Redes virtuales privadas”).