So I've come up against this little issue where I need to FTP some files from a unix server over to a Windows server so the plan is to setup a cron job on the unix server which FTP's all the files in a specific location up to a FTP server running on a Windows Server 2016 VM (and deletes the files afterwards) I know very little on the subject so after some reading I would seem my free options are to a) use IIS to give me FTPS or b) using Cygwin to run OpenSSH for SFTP. From what I can tell there are greater port requirements for using the IIS FTPS solution and as there will be network config required I was hoping to keep it simple and use SFTP so I can just do everything over port 22 - simple I thought. That is until I've come to the config in Cygwin and I'm clearing lacking the required knowledge on the unix side. Here is what I would like to do: Create a single local user on the Windows 2016 server, we'll call him 'ftpuser'. Give him rights to a specific folder within Windows, we can call that 'ftp_folder' This user becomes an available user within Cygwin config for sftp: mkpasswd -cl > /etc/passwd Then on logging via SFTP the user is presented with just a root '/' which is mapped to my 'ftp_folder' so files can be copied up from the unix server into this location but without any other access to the server. No browsing the structure back etc. Is this something which is doable or I'm I chasing something I can't ever get to work? I've got the user account working and I can logon via SFTP, upload etc but I can browse the whole server so I'm missing the locking it down / mapping my windows folder to the unix structure. I've been following this as a rough guide line but its based around each user having its own /home drive and basing that drive off the username which isn't really what I'm after - https://drive.google.com/file/d/0B9vL-V0yHfxYNGZscU9GS0tIcnM/view ps don't laugh - I'm very much a windows guy
I've never used cygwin but something along this in /etc/ssh/sshd_config should suffice: Code: Match user ftp_user ChrootDirectory /ftp_folder/ ForceCommand internal-sftp
Thanks for that I've done very similar and not managed to get anything working yet based off the guide (sorry I didn't put the link in first time around so edited first post) After posting I've had a look around and found 'Rebex Tiny SFTP Server' which will at least allow me to host the sftp on the Windows server and do a proof of concept to ensure things work before I put too many hour into it. Failing that, I've also found that WinSCP will allow me to run my SFTP job as a script from my Windows server which included a 'download and delete' command which I've never heard of until today so it maybe I can pass the book on for this work to my unix guys to setup the SFTP on the unix server then I'll do the copy / delete bit via a scheduled task and WinSCP. It does bother me when I can't get a specific thing working so I'll likely keep at it because I'd love to get my head around it a bit more and actually get the result I was after lol
