tags:

views:

39

answers:

3

Can any one please explain about SFTP and how do i set it up on my server to secure data transfer. It would be better if you explain step by step.

+1  A: 

You probably don't want to use SFTP. For secure file transfer with PHP, the simplest solution is TLS (HTTPS).

The exact steps depend on your web server.

Matthew Flaschen
+1  A: 

On a linux box, it's pretty much like this (assuming you have OpenSSH):

  • Edit sshd_config (in /etc/ssh on redhat flavors and clones), and uncomment the line that enables the SFTP subsystem. It's usually at the bottom of the file whenever i do this. If you don't see that line (that starts with "Subsystem sftp"), do this:
    • Find the "sftp-server" program in your filesystem (on my CentOS box, it's in /usr/libexec/openssh)
    • echo "Subsystem sftp /path/to/sshd-server" >>/path/to/sshd_config (NOTE THE TWO >'s! Put them both in, or you'll overwrite the existing SSH config!)
  • restart sshd however you do so. On redhat-flavored distros, service sshd restart should do it.

That's enough to get SFTP enabled. Once that's done, you'll need to create accounts, and set passwords, for your SFTP users. Note that each user will generally have SSH access as well -- setting the shell to /sbin/nologin or /bin/false will also disable SFTP. If you have cPanel, though, its "no shell access" shell seems to work fine for allowing SFTP but not SSH. (Seems like the issue may have something to do with the delay that cPanel's no-shell thingie does, which would give the SFTP subsystem time to start.)

cHao
A: 

You haven't specified the platform. On Windows, CompleteFTP is an affordable option for an SFTP server that also includes support for FTP and FTPS. Installing it will set it up for Windows users.

Bruce Blackshaw