Howto log multiple sftpd instances with their chroot shared via NFS

Hildegard Meier daku8938 at gmx.de
Fri Oct 1 15:57:34 AEST 2021


Sorry for answering this off topic post.

> you could have "vsftpd" to support FTPS rather than SFTP

In the past we offered FTPS to our industry clients, but my collegues which admister the old FTPS server told that FTPS would often be problematic with customers because of firewall/port/certificate issues or something like that (I do not know FTPS), so we migrate customers from FTPS to SFTP, which has simply one TCP port (and luckily, PKI is not established in practice with OpenSSH!).
(if customers insist to use FTPS they can use it on the old server, though)

> convince your user community to switch to FTPS enabled clients

Well we do not have a "user community" but industry clients, some of them big companies, so to change this is practically impossible.
The decision for SFTP was made ten years ago, and we need to support SFTP for decades now on :)

It took years to achieve the sftp service to become reasonably robust stable, there popped up many problems through the years which was then fixed, and with so many customers you experience ever new unexpected fancy client behaviour.
And then we have the forwarding from the sftp service to the backend processing and back, which is also not trivial.

Just to mention, 18 million files transferred via SFTP last month:
inbound   8 252 591
outbound 10 074 881



More information about the openssh-unix-dev mailing list