

Assume you either do not have ssh installed, or cannot or do not want to share keys/secrets. Suppose user1 is in group1, and user2 is in group2, and both user1 != user2 and group1 != group2.

Create a shared group, group3s.

    addgrp group3

Create a directory in a mutually accessible place that one user owns but that has group ownership of group3s.

    mkdir $place/shared && chown oup3s $place/shared && chmod 770 $place/shared
    cp $file $place/shared && chgrp $place/shared/$file && chmod 660 $place/shared/$file

But, suppose you cannot create the new, shared group, and place both users in that group?

Create the directory and give it 770 permissions,

    mkdir $place/shared && chown oup1 $place/shared && chmod 770 $place/shared

Then, as root/admin, change the group ownership to the other user's group,

    sudo bash
    chgrp group2 $place/shared && chmod g+s $place/shared

The command chmod g+s sets the setgid bit so that files placed into the directory have the group ownership set to group2.

Every other answer here requires root access, allows any user on the same machine to copy the file, or requires password sharing.

Have USER2 (let's call him Bob) run the following commands (you can replace /tmp with any directory that both users have permissions to write to, but /tmp is ideal because by default it is sticky, which prevents a malicious user from subverting this process. A directory owned by Bob that is world-readable also works):

    $ touch
    $ chmod 622 /tmp/test.txt

This creates a file that is world-writable, but not readable.

Then have USER1 (let's call her Alice) run (if you're paranoid, Alice can check the permissions first to make sure the file is owned by Bob):

    $ dd if="$HOME/test.txt" of=/tmp/test.txt

This overwrites the contents of /tmp/test.txt. If you want to check integrity of the file, Alice should also generate a hash of the file. You can instead digitally sign the file, or use any other method of guaranteeing its integrity.

And finally Bob moves the file and takes ownership of it:

    $ mv /tmp/test.txt
    $ chmod 600 "$HOME/test.txt"

And Bob can check the integrity if he likes. If so, he should check to make sure only Alice can write to /tmp/test.txt.

    $ diff /tmp/test/txt.sha1 <(openssl sha1 < "$HOME/test.txt")

If the file was copied correctly, this should display no output.

Secure Copy, or scp, is a secure version of the older rcp tool (which is still used, but less common) included in the OpenSSH suite of tools. OpenSSH started as a BSD fork of the original SSH secure communications protocol, which has since become re-licensed as "non-free" and thus not generally available for Linux. OpenSSH is still maintained under the BSD license and is available for a wide range of platforms. It includes several common tools for secure remote access, including key generation, scp, and sftp (a secure version of FTP, which we'll get to in a bit).
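The checks that the Bob/Alice drop-file answer on this page leaves to the reader (the file is Bob's, it has mode 622, and the directory is sticky or owned by Bob) can be scripted before Alice writes. This is an added example, not part of the original answers; `check_drop_file` is a hypothetical helper name and GNU coreutils `stat -c` is assumed.

```shell
#!/bin/sh
# Added example (not from the original answers): pre-write checks for the
# Bob/Alice drop-file scheme. check_drop_file is a hypothetical helper;
# GNU coreutils stat (-c) is assumed.

# Usage: check_drop_file PATH RECIPIENT
# Returns 0 only if PATH looks like the recipient's 622 drop file.
check_drop_file() {
    path=$1
    owner=$2
    dir=$(dirname -- "$path")

    # A symlink planted at PATH would redirect the write elsewhere.
    if [ -L "$path" ] || [ ! -f "$path" ]; then
        echo "refusing: $path is not a regular file" >&2
        return 1
    fi
    # The file must belong to the intended recipient.
    if [ "$(stat -c '%U' -- "$path")" != "$owner" ]; then
        echo "refusing: $path is not owned by $owner" >&2
        return 1
    fi
    # 622 = owner read/write, group and others write-only.
    mode=$(stat -c '%a' -- "$path")
    if [ "$mode" != "622" ]; then
        echo "refusing: mode is $mode, expected 622" >&2
        return 1
    fi
    # The directory must be sticky (like /tmp) or owned by the recipient;
    # otherwise someone other than the recipient may be able to replace the file.
    if [ ! -k "$dir" ] && [ "$(stat -c '%U' -- "$dir")" != "$owner" ]; then
        echo "refusing: $dir is neither sticky nor owned by $owner" >&2
        return 1
    fi
    return 0
}

# Alice's side, with the paths used in the answer:
#   check_drop_file /tmp/test.txt bob && dd if="$HOME/test.txt" of=/tmp/test.txt
```

In a sticky directory only the file's owner, the directory's owner or root can remove or rename the file, so the gap between the check and the `dd` is not open to other ordinary users.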
