Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: OpenSSH and FTP

from [Jack Curtin] Network Security [Permanent Link]
Subject: RE: OpenSSH and FTP
Date: Tue, 3 Oct 2006 07:29:32 -0400 
I understand what scp does, but the issue here is that our ftp proxy is
completely custom.  It authenticates the user against an oracle database,
and performs TCP/IP communications with another process to determine the
location of a virtual directory to place and retrieve files for the user
logging in.  So, I can't just use SCP without our ftp proxy.  That is why I
was looking for a way to have the sshd process interact with our ftp proxy.


As for sftp, I agree that it would be a better fit, but we are locked into
using an scp client because of a customer requirement. 

Thanks to all of those who have responded to my question.  It looks like the
consensus so far is that it is not a good idea to attempt this.

-----Original Message-----
From: Javier Reyna Padilla [mailto:jreyna@onlinet.com.mx] 
Sent: Monday, October 02, 2006 5:50 PM
To: Jack Curtin
Cc: 'secureshell@securityfocus.com'
Subject: Re: OpenSSH and FTP

If you need to download/upload files,I think you can do that just with
scp, you can remove ftp and use just scp, rhe problem is that no much
people is familiarized with scp ( I don't know why!! Is a very common
tool), Otherwise, why don't you chech the new feature in Openssh sftp,
it is included in the new version.

http://www.openssh.com/txt/release-4.4

Jack Curtin wrote:

[Reposting in plain text as requested, sorry about that.]

Hi,

We have an application that allows users to login and submit/receive files
through a custom FTP proxy server.  We support most FTP clients.  We now
need to be able to support an SCP client (such as WinSCP).  I thought it
might be possible to use OpenSSH's sshd as an SSH wrapper for my FTP proxy
server.  What I want to do is perform an ftp connect at session start, an
ftp login for password authentication, and then an ftp put or get for
sending or receiving files.

Questions:

Is this a bad idea?  Is there a more straightforward way to accomplish

this?


I'm working my way through the code, but could you provide some guidance

on

the locations where I would need to add in my FTP logic as described

above? 

 

Thanks in advance for any help.


Jack Curtin
Senior Software Engineer -- Team Lead
M2 Systems Corporation
"Elite Software Engineering"
850 Trafalgar Court
Suite 100
Maitland, Florida 32751
Phone: (407) 551.1310  Fax: (407) 551.1423
E-Mail: jackcurtin@m2-corp.com
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: OpenSSH and FTP, Javier Reyna Padilla
Next by Date:  Re: How necessary is SSH_AUTH_SOCK?, Roland Turner (Security Focus)
Previous by Thread:  Re: OpenSSH and FTP, Javier Reyna Padilla
Next by Thread:  Announce: X.509 certificates support version 5.5.1 in OpenSSH 4.4p1, Roumen Petrov
Indexes:  [Date] [Thread] [Top] [All Lists]