Sebastian Posted May 28, 2005 Posted May 28, 2005 (edited) This topic has been around for at least since 2003. It's obviously of some interest to a number of people. The technology seems tried and true. Using cPanel for secure transfer is no feasible alternative. Still support for this protocol has never been added. Given the usual speed and flexibility I have come to know from the TCH techies, there must be a serious reason why. Yet, in this forum, I haven't come across it. Being generally a very satisfied customer of TCH's, I have to all the more wonder why… My case for SFTP: Besides the obvious advantages over plain FTP on the security frontier, SFTP supports the 'CHMOD UTIME' command, allowing clients to adjust the modification date of uploaded files — by default the date of upload — to reflect the files modification date on the local host. Apart from greatly facilitating the manual comparison of file versions, this inconspicuous little feature is used by some clients as the natural basis for file syncing/mirroring services. This is so practical it makes my want to scream! Actually the 'CHMOD UTIME' command is also supported by some FTP servers, but unfortunately not by the one deployed at TCH. So, to kill two rabbits with on rock (Portuguese), hit two flies with one flap (German) and [fill in the corresponding English idiom], let's get SFTP, whatcha say?!?! Edited May 28, 2005 by Sebastian
Deverill Posted May 28, 2005 Posted May 28, 2005 I'm not deeply enough into the technical details at TCH to know what it takes to do that so I'll defer to others. I just figure that none of my stuff is worth securing during transmit and that the time I put it on the server is the basis Dreamweaver uses to synchronize so it's good for me as it is. I'm sure someone will answer your question soon about the logistics of doing it on TCH.
Sebastian Posted May 28, 2005 Author Posted May 28, 2005 I just figure that […] the time I put it on the server is the basis Dreamweaver uses to synchronize so it's good for me as it is. <{POST_SNAPBACK}> Sure, that's the case. But it does so with the help of metafiles it stores on the server and your localhost — not exactly elegant! And besides, Dreamweaver is quite an expensive and bloated piece of sofware — for a FTP client, at least
TCH-Dick Posted May 28, 2005 Posted May 28, 2005 SFTP is a part of the SSH protocol and since we do not provide shell access you will not be able to use SFTP.
Sebastian Posted May 28, 2005 Author Posted May 28, 2005 (edited) SFTP is a part of the SSH protocol and since we do not provide shell access you will not be able to use SFTP. <{POST_SNAPBACK}> When I googled for "allow SFTP without shell access" I found the following discussion thread, which, to me, seemed pretty knowledgable: SSH - sftp without shell access What I got out of it was: it's possible though difficult. On the other hand I found the HTTPS/WebDAV solution it mentions quite intriguing! To my knowledge this pair offers similar features to SFTP and you get them free of SSH-headaches. Wouldn't that be a solution?! Edited May 28, 2005 by Sebastian
Head Guru Posted May 28, 2005 Posted May 28, 2005 We do not offer SFTP and have no plans on doing so. It is very problematic working with cPanel. Sorry but we cant do it all. Bill
TCH-Bruce Posted May 28, 2005 Posted May 28, 2005 As for Webdav you might want to look at this thread. http://www.totalchoicehosting.com/forums/i...?showtopic=7233
Sebastian Posted May 28, 2005 Author Posted May 28, 2005 Well, this doesn't look promising at all either! It seems like all the exits are blocked. That's bad! One would think though that at least newly set up servers could be WebDAV enabled. But apparently that's not the case. Anyway, I hope TCH has a strategy to accommodate new technologies and necessities in the future — even if they're not just plug & play Thank you all for this exchange!
TCH-Don Posted May 28, 2005 Posted May 28, 2005 The problem with DAV is that it can be used for a DOS attack. Another possible denial-of-service attack involves a client simply filling up all available disk space with many large files. There is no direct way to prevent this in Apache, so you should avoid giving DAV access to untrusted users. So in a shared hosting enviroment this is not safe.
TCH-Bruce Posted May 28, 2005 Posted May 28, 2005 One would think though that at least newly set up servers could be WebDAV enabled.But apparently that's not the case. When you are managing over 100 servers you don't want to start special configuring some of them. They try to keep all the servers configured the same. This way it's easier to maintain them.
TCH-Rob Posted May 29, 2005 Posted May 29, 2005 We also make sure that new technology is stable, secure technology before considering any changes.
Sebastian Posted May 29, 2005 Author Posted May 29, 2005 The problem with DAV is that it can be used for a DOS attack. So in a shared hosting enviroment this is not safe. <{POST_SNAPBACK}> Security is, of course, a most vital concern. But, as they evolve, technologies inherently become more vulnerable. (As do organisms for that matter — a jellyfish can't die of pneumonia.) So, in order for the candidate to survive, the newly gained strengths must outweigh the newly gained weaknesses. More practically: Apple uses WebDAV extensively. I'm sure they are a security aware company. How do they do it? When you are managing over 100 servers you don't want to start special configuring some of them. They try to keep all the servers configured the same. This way it's easier to maintain them. <{POST_SNAPBACK}> This is surely a most sensible approach! On the other hand, not allowing for gradual transitions bears the possibility of stagnation, as every so little modification becomes a gigantic undertaking and therefore often tends to be better left alone. How, for example, will you ever upgrade to PHP5 this way? (Or will you just not?) But I am going too far! I don't have any experience running a commercial web server, and thus no qualification questioning the way you run yours. Please, accept my apology if I have unduly criticized you, as I realize I am over my head here. My initial post was not intended to conjure up a discussion about your policies and as I said there: I am generally a very satisfied customer of yours! I may, at times, be too easily enthusiastic about new technologies. I just like to see good things get better and, as everybody else, would love to have my cake and eat it.
Head Guru Posted May 29, 2005 Posted May 29, 2005 We are not offering SFTP and have no plans in place to do so. Thread closed.
Recommended Posts