MySecureShell is very secure FTP server based on OpenSSH. Since it is based on OpenSSH, so you have the high level of security of it MORE functionality and POWERFUL FTP server. It is easy to install and administrate. We can administrate MySecureShell easily with cool web interface.
Features
- Control of bandwidth.
- Security rights informations.
- Easy installation and administration of the server with a graphical interface.
- Management of activity of the server with logs.
- Restrictions of users by ip, groups.
- Power Encryption.
- No certificate problems non-certified or certificate generation.
- Support public and private keys for secure authentication without password.
- Only one port to open for SSH and SFTP (port 22 by default).
- The protocol used is much more optimized than FTP because it is based on the protocol of the NFS .
- Finally it’s free and open source.
Install MySecureShell On Linux
Add the MySecureShell repository depending upon the distribution you use. All steps should run as ‘root’ user.
On Debian:
You can add the official repository of MySecureShell for Debian by adding 2 lines to the file “/etc/apt/sources.list”:
To import GPG key, enter:
OR
Now update the source list and install MySecureShell as shown below.
On Ubuntu:
Edit file “/etc/apt/sources.list” and add the following lines,
To import GPG key, enter:
OR
Now update the source list and install MySecureShell as shown below.
On RHEL/CentOS:
Edit file “/etc/yum.conf” and the following lines at the end.
Update Repository and install MySecureShell as shown below.
On Fedora:
Edit file “/etc/yum.conf” and add the following lines,
Update Repository and install MySecureShell as shown below.
Create FTP Users
Create users to use MySecureShell shell with command:
Also you assign the existing users to MySecureShell using command:
Mow you can connect to your SFTP server from your clients as shown below.
Also you can login to your SFTP server with any graphical clients such as FileZilla from your client system.
Open your favourite FTP client ex.FileZilla. Enter the user name, password and SFTP port 22 and click Connect.
Unlike vsftpd or other FTP servers, MySecureShell SFTP server is lot easy to install and configure.
Configure MySecureShell
The main MySecureShell config file is /etc/ssh/sftp_config. MySecureShell will work well with default configuration. The options in the configuration are well explained, so I don’t have to explain them.
You can adjust or specify various options such as specify upload and download bandwidth, chroot users, the max. amount of connections etc., in the MySecureShell configuration file. You can set this options for everybody or just for a particular group.
For a complete list of configuration examples, please a have look here. This page is in French, but you can translate it to your required language using Google-Trasnlate button on the left.
Say for example, Let us limit the download speed of the FTP users to 25K. To do that open MySecureShell main configuration file.
Find the following line and set the download limit to 25k under Default section.
Save and close the file. Restart MySecureShell service to take effect the saved changes.
On Debian/Ubuntu users:
On RHEL/CentOS users:
Now the FTP users will be able to download files at 25k speed.
MySecureShell Commands
MySecureShell has the following set of commands to administrate your SFTP server.
- sftp-admin
- sftp-kill
- sftp-state
- sftp-user
- sftp-verif
- sftp-who
Let us see a small introduction of each command.
sftp-admin
This command allows to manage a MySecureShell waiter remotely.
Usage:
sftp-kill
It will disconnect the user from the FTP server.
Usage:
sample output:
The above command will disconnect the user ‘test’ from FTP server.
sftp-state
It allows you to control activity of the server.
Sample output:
sftp-user
This command allows you to create a SFTP user.
Usage:
The above command will create a user called test.
The above command will delete the the user test.
Sample output:
The above command will list SFTP users.
sftp-verif
This command will verify and correct problems on a MySecureShell server.
Usage:
Sample output:
sftp-who
This command will tell you who is currently logged-in to the FTP server.
Usage:
Sample output:
How to manage MySecureShell server graphically?
Managing MySecureShell via command line is not that difficult. However if you’re looking for a graphical management tool for MSecureShell, there is a MySecure GUI front-end is available.
You Can install this GUI tool in any of your client system and start managing your SFTP server graphically as well as remotely. Also you have to install Java on your system before installing this front-end tool.
Please note: before using MySecureShell GUI, you must adjust the configuration file to allow the SFTP server to be managed remotely.
To do so, go to your SFTP server, edit file /etc/ssh/sftp_config,
Find and uncomment the following line.
Save and close the file. Restart mysecureshell service to take effect the changes.
Now download the MySecureShell client from here or download it directly from your Terminal using command:
Extract and run it as shown below.
The following screen should appear. Enter the your remote SFTP server username and password
After connecting to the SFTP server it will look like below.
Now you can manage your SFTP server remotely.
Sftp-who
To see the connected users to SFTP server click on sftp-who tab. It will show the current users connected to the SFTP server.
Sftp-state
To view the SFTP server status, click on sftp-state tab.
Wizard
To create user, go to Wizard tab. Select Configuration of users and click Create New user. Enter the new user name and password. Finally click Ok and Finish.
Please note that the users can be created only when MSS-Frontend is installed in SFTP server. Install MSS-Front-end on your SFTP server itself and start creating users.
Also you can change the default home directory, global download/upload speed of the ftp users. To do that, go to Wizard -> Configuration of Server. Enter the new values and click Finish.
Expert Mode
In the expert mode, you can adjust/modify various configuration options like Global, Security ad Advanced security. It’s not that difficult. Every option is self-explanatory.
Log
You can analyze what’s happening in the SFTP server using logs.
That’s it for now. At this stage, you will have a working SFTP server.
Reference Links:
MySecureShell Website
---------------------------------------------------------------------
Setup Secure FTP Server With MySecureShell