Internal SFTP
The internal-sftp was added much later than the standalone
sftp-server binary, but it is the default by now. It supports everything that
the sftp-server does and has an advantage that it doesn’t require any support
files when used with ChrootDirectory.
Another advantage is performance, as it's not
necessary to run a new process for the SFTP. I believe there's no reason to use
the sftp-server for new installations.
SFTP Server
The sftp-server is still kept for backward
compatibility for installations that rely on it.
For example, in case the administrator relies on a
login shell configuration to prevent certain users from logging in. Switching
to the internal-sftp would bypass the restriction, as the login shell is no
longer involved.
Using sftp-server binary (being a standalone process)
you can also use some hacks, like running the SFTP under su sudo.
With SFTP protocol, you can use SFTP server option on
SFTP page of Advanced Site Settings dialog to execute SFTP binary under a
different user. With OpenSSH server, you can specify: sudo /bin/sftp-server
No comments:
Post a Comment