Yesterday I was asked to set up an FTP server so that an external group (external to my office and the company) will be able to drop files off for some of our developers.
Right now we have a single CentOS box in our DMZ which runs a Windows server 2012 VM as our webserver.
Any suggestions as to the best way to tackle this? I was just thinking of setting up something like vsftpd on the box, but now I'm reading about the differences between sftp and vsftpd etc etc.
So I figured I might as well get some opinions as to the best way to go about this, both from a simplicity standpoint and security wise
Ok I was able to get it set up using SFTP and chroot, the other question I have is what I need to open up on the firewall (hardware firewall). This machine sits in our DMZ, and the people that need access to it live in the outside world. What would be the best practice for opening this up?
You should be able to allow access on port 22, but be specific to their incoming address. They may have a proxy server somewhere, so it is the IP address that is seen on the public side you should code for.
Giving open access to port 22 is just asking for trouble.
