You are not logged in.
- Topics: Active | Unanswered
#1 2009-05-29 18:48:39
- pseudonomous
- Member
- Registered: 2008-04-23
- Posts: 349
Suggestions for Filesharing Use Case
Hello,
I was wondering if anyone has any suggestions for the following situation:
I want to work on some music recording projects with a friend of mine who lives real far away from me. so we want to send audacity projects and/or .wav files back and forth to each other. (audacity projects consist of .aup file and folder of other small data files; of course these could be compressed into an archive and sent as a single large file). Audacity projects are usually at least 100 MB in size, often they get to the 1-2 gigabyte range.
Now unless I switch e-mail providers, I won't be able to send/receive these files via e-mail. So I was thinking I could set up an sftp/ssh server (well, modify the one I'm already running) to let my friend login to my computer to put/get the files.
The main issue here is one of security; my friend uses Windows (Vista) and is not nearly as technically inclined as I am; I don't think he would have trouble learning to use PuTTY and enough of the sftp shell to transfer the files back & forth, but I'm not sure if I really want to bug him about joining my IP filtering scheme (use DynDNS to assign hostnames to computers that are not at home that are allowed to login, grab the associated IPs via cron and stick them in a file to include in hosts.allow), which I figure keeps the ssh server reasonably secure.
So I'm looking for suggestions on either:
- How to make my server more secure without requiring my friend to do too much work
- Other filesharing solutions.
Thanks in advance for your suggestions.
Last edited by pseudonomous (2009-05-29 18:49:14)
Offline
#2 2009-05-29 19:05:52
- iBertus
- Member
- From: Greenville, NC
- Registered: 2004-11-04
- Posts: 2,228
Re: Suggestions for Filesharing Use Case
I always thought that port knockers were fun! That way he could knock with a script to open the ports on your machine and then when the session was over the ports could close again. Unless you are hiding government secrets I would not worry too much about the security end of things.
Offline
#3 2009-05-29 19:09:39
- electricshoes
- Member
- From: Oregon
- Registered: 2008-10-07
- Posts: 20
Re: Suggestions for Filesharing Use Case
You could share with torrents. Create a torrent of your project and email the small file to your friend, then he would just open it in his client and download from you.
Offline
#4 2009-05-29 19:19:01
- derelict
- Member
- Registered: 2006-07-25
- Posts: 81
Re: Suggestions for Filesharing Use Case
Why not just use the built-in chroot jail that sshd provides and setup the account with the shell /bin/false? Your friend can use winscp on his vista machine. No shell access, and even if the account is compromised it won't be able to get anywhere.
Offline
#5 2009-05-30 22:01:19
- pseudonomous
- Member
- Registered: 2008-04-23
- Posts: 349
Re: Suggestions for Filesharing Use Case
Why not just use the built-in chroot jail that sshd provides and setup the account with the shell /bin/false? Your friend can use winscp on his vista machine. No shell access, and even if the account is compromised it won't be able to get anywhere.
I think this is what I'm going to do, in fact I've pretty much got it setup now, there's only one thing that bothers me:
It seems like there isn't any good way to allow my friend to change his password via sttp, so I'll have to assign him a password and either e-mail it to him or phone and tell him what it is; if I want to force password rotation; I'm going to have to do this regularly, I'd rather have something I could setup and forget about, but I guess that I may just have to setup a full chroot environment if I want that. (which is also a bit of security risk because we don't have any secure method for communication, oh well)
Thanks for your suggestions!
Offline
#6 2009-05-30 22:39:32
- dmartins
- Member
- Registered: 2006-09-23
- Posts: 360
Re: Suggestions for Filesharing Use Case
You could use public key authentication instead of a password. It's pretty easy to generate a key pair using puttygen on windows & there are lots of guides out there your friend could follow. The public key can be safely emailed to you by your friend.
As a bonus WinSCP understands the private keys that puttygen generates, so there's no problem there.
Last edited by dmartins (2009-05-30 22:40:42)
Offline
#7 2009-05-30 22:40:59
- sveri80
- Member
- Registered: 2008-11-12
- Posts: 38
Re: Suggestions for Filesharing Use Case
I'd suggest Oneswarm ( http://oneswarm.cs.washington.edu/ ). Its a P2P client with the possibility to add friends to a private network. There you can quickly add folders and alike and share everything in there.
You can even set up groups and make a little bit rights management. Besides that its very easy to setup, just like any P2P client.
Offline
#8 2009-05-31 00:05:33
- stefanwilkens
- Member
- From: Enschede, the Netherlands
- Registered: 2008-12-10
- Posts: 624
Re: Suggestions for Filesharing Use Case
set-up an SSL-ed ftp daemon?
Arch i686 on Phenom X4 | GTX760
Offline