Description
-----------
hsftp is an ftp emulator that provides the look-and-feel of
an ftp session, but uses ssh to transport commands and data.
hsftp is written in C, and is known to compile with gcc under Linux.
No additional libraries are required.
No dedicated daemon (in addition to the sshd daemon) is required to run
on the server side.

Caveats
-------
hsftp executes UNIX commands on the remote host, and thus will fail on
non-unix remote hosts.

If you need a password, hsftp will ask for it. The password is encrypted
by ssh before transmission. hsftp will cache the password internally, so
you do not need to type it in again during a session. However, if hsftp
is not set SUID root, the password might get paged out to
your swap partition during prolonged inactivity.

IF YOU FEAR THAT THERE MAY BE SECURITY HOLES IN HSFTP
use the 'configure' option '--with-drop-root', which will cause
hsftp to drop root privileges irrevocably immediately on startup,
after locking the memory for the password.
Note that on some systems, this may cause other security
problems with the allocated pseudoterminal.

For RSA authentication, you may use ssh-agent, if you don't want to
set hsftp SUID root.

For speed, hsftp doesn't check whether a 'cd' on the remote host
is valid (i.e. whether the remote directory exists.)

get/put is always recursive. Already existing files are always overwritten.

Installation
------------
Issue the commands:

    ./configure
    make
    make install

To change the install directory from the default /usr/local/bin to
/myinstall/directory/bin, use:

    ./configure --prefix=/myinstall/directory

'readline' support: if you have the GNU readline library installed,
which allows command line editing and command history, i.e. more comfort,
then use the option:

    ./configure --with-readline[=arg]
    make
    make install

('arg' is the directory containing the readline library; usually this
is not required).

OpenSSH support: to use hsftp with OpenSSH, you need the
configure argument '--with-openssh'.

For a list of supported configuration options, type:

    ./configure --help

Security
--------
If you need a password for ssh, you will be asked for it by hsftp.
The password will be kept in memory. It may be paged out to your
swap partition, if you leave the program idle for some time.

To avoid this, and enable hsftp to protect the password against swapping,
it is necessary to give SUID root permissions to hsftp. The install
procedure will NOT do that, as it is not required for hsftp to work.
If you want it, you should do it by hand:

    su root; chown root hsftp; chmod u+s hsftp

Please note that giving SUID root permissions to any executable is always
a security risk, as the respective program might have accidental
security holes.
While some care has been taken to avoid security holes in hsftp, I do not
guarantee that the program is free from them.

IF YOU FEAR THAT THERE MAY BE SECURITY HOLES IN HSFTP
use the 'configure' option '--with-drop-root', which will cause
hsftp to drop root privileges irrevocably immediately on startup,
after locking the memory for the password.
Note that on some systems, this may cause other security
problems with the allocated pseudoterminal.

For RSA authentication, you may use ssh-agent, if you don't want to
set hsftp SUID root.

Portability
-----------
This program has been developed on Linux. It is known to compile on a variety
of other UNIX flavours (at least Linux, FreeBSD, Solaris, AIX, and HP-UX),
but may not work on all. In particular, it may fail on HP-UX.
Fixes for portability are welcome for inclusion.

License
-------
Copyright (c) 2000 Rainer Wichmann <rwichmann@la-samhna.de>.
Distributed under the terms of the GNU General Public License.
Contains parts from the rxvt 'command.c' source file, which includes
the following copyright statement:
/*--------------------------------*-C-*---------------------------------*
* File: command.c
*----------------------------------------------------------------------*
* $Id: command.c,v 1.85.2.25 2000/01/04 11:20:02 mason Exp $
*
* All portions of code are copyright by their respective author/s.
* Copyright (C) 1992 John Bovey, University of Kent at Canterbury <jdb@ukc.ac.uk>
* - original version
* Copyright (C) 1994 Robert Nation <nation@rocket.sanders.lockheed.com>
* - extensive modifications
* Copyright (C) 1995 Garrett D'Amore <garrett@netcom.com>
* - vt100 printing
* Copyright (C) 1995 Steven Hirsch <hirsch@emba.uvm.edu>
* - X11 mouse report mode and support for
* DEC "private mode" save/restore functions.
* Copyright (C) 1995 Jakub Jelinek <jj@gnu.ai.mit.edu>
* - key-related changes to handle Shift+function
* keys properly.
* Copyright (C) 1997 MJ Olesen <olesen@me.queensu.ca>
* - extensive modifications
* Copyright (C) 1997 Raul Garcia Garcia <rgg@tid.es>
* - modification and cleanups for Solaris 2.x
* and Linux 1.2.x
* Copyright (C) 1997,1998 Oezguer Kesim <kesim@math.fu-berlin.de>
* Copyright (C) 1998 Geoff Wing <gcw@pobox.com>
* Copyright (C) 1998 Alfredo K. Kojima <kojima@windowmaker.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*----------------------------------------------------------------------*/
Contains the 'dirz' subroutine from trustfile.c, which has the following
license statement:
/*
* Author information:
* Matt Bishop
* Department of Computer Science
* University of California at Davis
* Davis, CA 95616-8562
* phone (916) 752-8060
* email bishop@cs.ucdavis.edu
*
* This code is placed in the public domain. I do ask that
* you keep my name associated with it, that you not represent
* it as written by you, and that you preserve these comments.
* This software is provided "as is" and without any guarantees
* of any sort.
*/