In this section we introduce an SFTP use case where SSH Tectia Server is used for automated file transfer, and show how to configure the SSH Tectia Server for it. The SSH Tectia Client does not require any configuration changes.
For automated file transfer, it is advisable to restrict SFTP usage to improve the security of the system. In this use case, file transfer access is allowed only for a specific user group, only to a specific folder, and only with public-key authentication. Terminal access is denied to everyone except administrators.
The SFTP use case defines the following restrictions on the SSH Tectia Server:
- Public keys are the only allowed authentication method. They provide the best security for non-interactive authentication, which is needed with scripted commands. See instructions in Enabling Public-Key Authentication.
- SFTP service is allowed only for the specially created user groups SFTP-users and admin. SFTP service is denied to all other users. See instructions in Restricting Access to File Transfer Service.
- Members of SFTP-users have access restricted to their user-specific home folders only. This can be defined with chrooting settings. See instructions in Restricting Access to Folders.
- Terminal access is allowed only for administrators; it is denied to everyone else. See instructions in Restricting Terminal Access.
Note: Make sure the firewall is open for port 22.