Busy day! I got to the museum around 11am and stayed to 11pm. We had a good amount of visitors today. Several families came through, including a few engineers. Jeff B. and I worked on VCF East preparation between the visitors. After-hours, I made good progress on our new info kiosk. I used aeronautical-grade velcro (thank you Martin) to attach one of the micro form-factor PCs to the back of the 27" touchscreen monitor, configured all the OpenKiosk software settings, and learned how to connect from our office PC to the web server with SSH (thank you Bill Dudley for the telephone tech support). I know SSH is very secure, but afterward I decided to put FTP on the web server because (don't kill me) I prefer a point-and-click way to move files. Then I spent an hour or two on the kiosk content. Got the main template finished. All that's left to do is update a few content pages, tie back the kiosk cabling, and hang a sign from the ceiling pointing to the kiosk. Probably another 2 hours total and then it will be done.
I decided to put FTP on the web server because (don't kill me) I prefer a point-and-click way to move files.
PS. Sometime after VCF East -- perhaps at our June workshop -- it would be helpful if any of you Linux experts can give the web/ftp server a security hardening. Apache and FTP are both running bone-stock right now. I know there are weaknesses and also many common ways to fix those. But I haven't got the knowledge to do it, nor the time to learn how. Right now it's just set up to be functional.
On 4/25/2019 12:47 AM, Evan Koblentz via vcf-midatlantic wrote:
Busy day! I got to the museum around 11am and stayed to 11pm.
We had a good amount of visitors today. Several families came through, including a few engineers.
Jeff B. and I worked on VCF East preparation between the visitors.
After-hours, I made good progress on our new info kiosk. I used aeronautical-grade velcro (thank you Martin) to attach one of the micro form-factor PCs to the back of the 27" touchscreen monitor, configured all the OpenKiosk software settings, and learned how to connect from our office PC to the web server with SSH (thank you Bill Dudley for the telephone tech support). I know SSH is very secure, but afterward I decided to put FTP on the web server because (don't kill me) I prefer a point-and-click way to move files. Then I spent an hour or two on the kiosk content. Got the main template finished. All that's left to do is update a few content pages, tie back the kiosk cabling, and hang a sign from the ceiling pointing to the kiosk. Probably another 2 hours total and then it will be done.
I strongly recommend ditching FTP and using SSH/SFTP, (even if you use a pre-shared key with no key password), you're still getting more security than FTP could offer. If you really MUST use FTP, try setting up FTP using TLS/SSL encryption of the control channel, so the password isn't sent in plaintext. -- Jonathan Gevaryahu jgevaryahu@gmail.com jgevaryahu@hotmail.com
I strongly recommend ditching FTP and using SSH/SFTP, (even if you use a pre-shared key with no key password), you're still getting more security than FTP could offer.
Nothing against SSH, but I want to keep my file transfers graphical. Really not interested in doing that by command line (nor in having a debate about it)...
If you really MUST use FTP, try setting up FTP using TLS/SSL encryption of the control channel, so the password isn't sent in plaintext.
I understand and agree with your point about the password. Keep in mind that this data never leaves our network: the local machine and the Apache server are both on our * intranet * physically inside the museum. Nothing gets sent outside of our walls. However I welcome you to come visit in June and set up TLS/SSL for us.
On 4/25/2019 2:14 AM, Evan Koblentz wrote:
Nothing against SSH, but I want to keep my file transfers graphical.
use WinSCP? That does SSH/SFTP graphically with a norton-commander style interface, I've been using it for years. -- Jonathan Gevaryahu jgevaryahu@gmail.com jgevaryahu@hotmail.com
I was informed off-list: "SFTP is already installed on linux.You had to install FTP because no one uses it anymore as it has been deprecated. SFTP works just like FTP, and there are plenty of graphical clients for all platforms. It is, well, just secure (that's what the S in SFTP stands for)." I didn't know that. I will try it on my next trip down there this Saturday. On Thu, Apr 25, 2019, 4:31 AM Jonathan Gevaryahu <jgevaryahu@gmail.com> wrote:
On 4/25/2019 2:14 AM, Evan Koblentz wrote:
Nothing against SSH, but I want to keep my file transfers graphical.
use WinSCP? That does SSH/SFTP graphically with a norton-commander style interface, I've been using it for years.
-- Jonathan Gevaryahu jgevaryahu@gmail.com jgevaryahu@hotmail.com
On 4/25/19 9:09 AM, Evan Koblentz via vcf-midatlantic wrote:
I was informed off-list: "SFTP is already installed on linux.You had to install FTP because no one uses it anymore as it has been deprecated. SFTP works just like FTP, and there are plenty of graphical clients for all platforms. It is, well, just secure (that's what the S in SFTP stands for)."
I didn't know that.
I will try it on my next trip down there this Saturday.
Evan, it might help to understand that ssh and FTP are protocols, not programs. Many programs implement those protocols, and there are sure to be more as time goes by. Interestingly and confusingly, the common program called sftp uses ssh (the protocol, via the ssh program) as its underlying transport mechanism. If you're running under Linux, and I'm pretty sure OS X can do this too, you can directly mount an ssh/sftp directory in the file browser, and drag-n-drop until your eyes glaze over. That actually works pretty well and might better suit the things you want to do. And FTP is no more "deprecated" than any other protocol, some random Linux distribution's assertions notwithstanding. Don't use it in cleartext on any unsecured network, but then that's good advice regardless of the protocol. As soon as I see an RFC that states that FTP is deprecated, then I'll agree that it's deprecated. Meanwhile, it continues to be used, for various perfectly valid reasons, all over the world. I'd not recommend its use for your application, though, except locally. -Dave -- Dave McGuire, AK4HZ New Kensington, PA
you can directly mount an ssh/sftp directory in the file browser, and drag-n-drop until your eyes glaze over. That actually works pretty well and might better suit the things you want to do.
I like it. Will give that a shot. <Evan heads off to Google "how to mount sftp directory in Linux file manager > On Thu, Apr 25, 2019, 12:13 PM Dave McGuire via vcf-midatlantic < vcf-midatlantic@lists.vcfed.org> wrote:
On 4/25/19 9:09 AM, Evan Koblentz via vcf-midatlantic wrote:
I was informed off-list: "SFTP is already installed on linux.You had to install FTP because no one uses it anymore as it has been deprecated. SFTP works just like FTP, and there are plenty of graphical clients for all platforms. It is, well, just secure (that's what the S in SFTP stands for)."
I didn't know that.
I will try it on my next trip down there this Saturday.
Evan, it might help to understand that ssh and FTP are protocols, not programs. Many programs implement those protocols, and there are sure to be more as time goes by. Interestingly and confusingly, the common program called sftp uses ssh (the protocol, via the ssh program) as its underlying transport mechanism.
If you're running under Linux, and I'm pretty sure OS X can do this too, you can directly mount an ssh/sftp directory in the file browser, and drag-n-drop until your eyes glaze over. That actually works pretty well and might better suit the things you want to do.
And FTP is no more "deprecated" than any other protocol, some random Linux distribution's assertions notwithstanding. Don't use it in cleartext on any unsecured network, but then that's good advice regardless of the protocol. As soon as I see an RFC that states that FTP is deprecated, then I'll agree that it's deprecated. Meanwhile, it continues to be used, for various perfectly valid reasons, all over the world.
I'd not recommend its use for your application, though, except locally.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
On 4/25/19 12:19 PM, Evan Koblentz wrote:
you can directly mount an ssh/sftp directory in the file browser, and drag-n-drop until your eyes glaze over. That actually works pretty well and might better suit the things you want to do.
I like it. Will give that a shot.
<Evan heads off to Google "how to mount sftp directory in Linux file manager >
If you're running a Gnome-based environment, it should be File->Connect to Server or similar. -Dave -- Dave McGuire, AK4HZ New Kensington, PA
If you're running a Gnome-based environment, it should be File->Connect to Server or similar.
Okay thanks. Will try it Saturday. On Thu, Apr 25, 2019, 12:21 PM Dave McGuire <mcguire@neurotica.com> wrote:
On 4/25/19 12:19 PM, Evan Koblentz wrote:
you can directly mount an ssh/sftp directory in the file browser, and drag-n-drop until your eyes glaze over. That actually works pretty well and might better suit the things you want to do.
I like it. Will give that a shot.
<Evan heads off to Google "how to mount sftp directory in Linux file manager >
If you're running a Gnome-based environment, it should be File->Connect to Server or similar.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
Anybody have recommendations for a Linux graphical SFTP client? Seems that Filezilla doesn't do this. On Thu, Apr 25, 2019, 4:31 AM Jonathan Gevaryahu <jgevaryahu@gmail.com> wrote:
On 4/25/2019 2:14 AM, Evan Koblentz wrote:
Nothing against SSH, but I want to keep my file transfers graphical.
use WinSCP? That does SSH/SFTP graphically with a norton-commander style interface, I've been using it for years.
-- Jonathan Gevaryahu jgevaryahu@gmail.com jgevaryahu@hotmail.com
On 4/25/19 9:21 AM, Evan Koblentz via vcf-midatlantic wrote:
Anybody have recommendations for a Linux graphical SFTP client? Seems that Filezilla doesn't do this.
I think it does: sftp://your.host.example.org and use port 22. -- Linux Home Automation Neil Cherry ncherry@linuxha.com http://www.linuxha.com/ Main site http://linuxha.blogspot.com/ My HA Blog Author of: Linux Smart Homes For Dummies
Although ancient looking, I like coreFTP. handles sftp and others. ________________________________________ From: vcf-midatlantic <vcf-midatlantic-bounces@lists.vcfed.org> on behalf of Neil Cherry via vcf-midatlantic <vcf-midatlantic@lists.vcfed.org> Sent: Thursday, April 25, 2019 9:30 AM To: vcf-midatlantic Cc: Neil Cherry Subject: Re: [vcf-midatlantic] Museum report On 4/25/19 9:21 AM, Evan Koblentz via vcf-midatlantic wrote:
Anybody have recommendations for a Linux graphical SFTP client? Seems that Filezilla doesn't do this.
I think it does: sftp://your.host.example.org and use port 22. -- Linux Home Automation Neil Cherry ncherry@linuxha.com http://www.linuxha.com/ Main site http://linuxha.blogspot.com/ My HA Blog Author of: Linux Smart Homes For Dummies
participants (5)
-
Dave McGuire -
Evan Koblentz -
Jonathan Gevaryahu -
Neil Cherry -
W2HX