Using WinSCP with Linux Server PDF Print E-mail
Written by Ken Task   
Thursday, 17 July 2008 03:04
AddThis Social Bookmark Button
The issue: user wants "drag and drop" into a Linux based Apache server for Moodle or Joomla (cause that's how they used to do their Windows server).  Any secure minded Web server administrator shudders when they get such a request for it is not really very secure to setup SMB or NetBIOS on any publically facing Web server and grant access to it in such a fashion as to allow users to drag and drop files.

BUT, there is a "more secure" way than SMB and NetBIOS ... using the ability SSHD has all one needs is a workstation ciient that can make ssh conenctions for copying files.  For MacOSX there is CyberDuck. 
http://cyberduck.ch/

For Windows workstations there is WinSCP.

Here's how using WinSCP ...

The Linux server has sshd running (secure shell).  A Windows workstation can
install WinSCP - which looks like WS-FTP - one panel for local files and the other for the server to which you are connected.

Since most Windows workstations do NOT come with ability to do scp and scp is NOT part of the ISD image for normal installs, it's very few machines that would have the ability to interact with your Moodle server.

Here's link to download:

http://winscp.net/download/winscp415setup.exe

This would require one to log onto the server as root if the connection is to see Moodle files.  Otherwise, if connecting as any other user, only the users
/home/[user_name] directory will be shown. Of course, root also sees it all and can do all so that's not really a good option. Probably best not to allow root user to login this way.

Use Webmin (Users and Groups) to create an itech (example) user and in the "Home Directory" box, use /var/www/

The following is VERY important for the itech user settings ... the files/folders at web root need to remain owned by apache user and group and NOT this new user you are creating!

So for the itech user, Group Membership, bullet existing group, and type in
"apache"
*** Create home directory say NO
*** Copy files to home directory say NO
*** Create user in other modules say NO.

Screen snap of example itech user setup in Webmin.

webminitechuser













































I'd also, go to Servers, SSH Server, Access Control and add the itech user to the "Only allow users" box.  This will not prevent the root user from logging on, but it greatly restricts any other users from accessing via SSHD.
(Uhhh, don't forget to "Apply Changes" to the ACL for SSH Server before testing WinSCP.)

Now crank up WinSCP and provide the account itech info for the Moodle server
and see what you get! ;)  One word of caution ... accessing the web area in this fashion is very un-forgiving.  A key file for Moodle deleted and it's gone ... there is NO un-do. 

About the only reason to use it is to get images to theme folder or something large to a course ID folder in the moodle data folder.  The moodledata folder is in /var/www/  but in order to get a file in position to use within a course, one has to know the course ID number (seen in the URL to the  course if you are logged onto the Moodle and in the course).

Screen Snaps below in a WinSCP session with an internal Linux web server running Moodle.

winscpsetup1

































winscpconnect1

































winscpconnect2



























winscpconnected














































< Prev   Next >
 
Joomla template by a4joomla