4

I'd like to replace FTP access with systems that are more secure. Sending passwords in plain text with no encryption is unacceptable and with single-sign-on growing, becoming less acceptable daily.

The catch: I need something that supports Linux, Windows and OS X and the server needs to run on Windows.

Edit: It also needs to authenticate users against pre existing Windows credentials.

jldugger
  • 14,342
  • 20
  • 77
  • 129
  • We've chosen WebDAV. I was leaning towards this over SFTP, but I wanted to gather opinions. SFTP is nice and I use it daily at home, but IIS is already running and supports WebDAV. – jldugger Oct 06 '09 at 19:46

7 Answers7

8

SFTP sounds like what you need, and OpenSSH runs just fine under Windows/Cygwin, with clients available for all the platforms you need.

RainyRat
  • 3,730
  • 1
  • 24
  • 29
  • How does it handle authentication on Windows? Seperate passwd file? – jldugger Sep 30 '09 at 21:01
  • Yes, although local/domain accounts should work as well; I can't find the exact HOWTO I used, but there's a decent one at http://www.cs.bham.ac.uk/~smp/projects/ssh-windows/. Alternatively, you could use key-based authentication instead. – RainyRat Sep 30 '09 at 21:23
  • 1
    @jldugger, it depends on what sftp/ssh server you run. There are options that should be able to integrated with the AD or the computer's account database. – Zoredache Sep 30 '09 at 21:23
  • IIS / FTP 7.5 now with SSL! – AJ. Oct 01 '09 at 00:16
5

One option is to use webdav. IIS supports webdav. Since you need the system to be secure you will obviously want to setup SSL.

Webdav is usually going to be open through most firewalls and will operate through a standard http proxy. Most of the other options suggested tend to be more difficult to get through firewalls that you don't control.

OSX, and Windows have native webdav clients. Linux can use webdav via fusedav.

Webdav is probably going to be somewhat easier for you users, but it does act somewhat quirky on occasion.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
3

FTPS would also work.

http://en.wikipedia.org/wiki/FTPS

Josh

Josh Brower
  • 1,669
  • 3
  • 18
  • 29
3

Use Apache + mod-dav + mod-ssl. Your shares will be seen as a Web Folder under Windows, and as mountable filesystems or accessible with ftp-like clients under Linux and MacOS.

More info on WebDAV: http://www.webdav.org/

codehead
  • 986
  • 5
  • 7
  • The box serving FTP right now is IIS. I'll be using this style of solution for a subversion website, but there's no point in installing two concurrent web servers. IIS does support WebDAV, so I'd give you more credit, but I can only mark one answer as 'best!' – jldugger Oct 06 '09 at 19:41
0

I've used Bitvise WinSSHD on a few servers to this end. It (gasp) costs money, ~$99 / server, but it gives you a wide variety of SFTP options, including the ability to import keys to eliminate the use of passwords for authentication.

Works seamlessly with Mac, *nix and Windows clients from my experiences with it to date.

http://www.bitvise.com

HTH

cpuguru
  • 401
  • 5
  • 14
0

You can try SFTPPlus Server as it support both local and Active Directory accounts on Windows. In case, in the future, you want to change the OS, it would be easy, at it support Linux, AIX, Solaris, HP-UX.

You can replace the FTP protocol with SFTP, FTPS or HTTPS as they are all much better than FTP. SFTP and HTTPS are highly recommended as the are much easier to configure behind a firewall.

I am one of the people developing SFTPPlus

Adi Roiban
  • 823
  • 3
  • 8
  • 12
0

Have a look at CrushFTP. Runs great and has a wide variety of secure options. Great support and priced right. Have tried with Windows and Mac clients and it works great. Have not tried the latest version. Running 4.9.9 on a Windows 2003 Server running on VMware server. Performance is good and does not seem to demand much in resources. Free demo and some really good online instruction. From the site feature list "CrushLDAP (use ActiveDirectory, or LDAP to load your users from)"

http://www.crushftp.com/

We have been running for many months and everyone seems happy with the product.

Dave M
  • 4,514
  • 22
  • 31
  • 30