1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WebDav or ssh?

Discussion in 'Web and Network Services' started by bsus, Jan 22, 2012.

  1. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    Hi,

    at this time I use ssh (sftp-3) to access files on my server over the internet.

    Unfortunatly the migration of sftp-clients under windows (which are mostly default on public computers....) isn't really nice.

    My question is now if webdav can keep up in security and if it is a recommand alternative.

    Regards
     
  2. Anonymous

    Anonymous Guest

    WebDAV provides by its own no security features. It is merely an extension to HTTP. As required by RFC 4918, WebDAV enabled Web-Servers MUST support the Digest authentication scheme. This prevents attackers from steeling login credentials, however, it does not provide for any transport layer security.

    In order to achieve transport layer security, most WebDAV servers and clients can utilize HTTP + SSL, i.e. HTTPS - of course, this can be setup to give you almost the same level of security as ssh. You need to install good certificates.

    Another option would be to hide a non-SSL WebDAV behind a VPN server, so one would establish a VPN first, and then login in to the WebDAV server. Anyway, VPN would also make ftp and smb secure.

    Best regards

    Rolf
     
  3. phoenix

    phoenix Moderator Staff Member Moderator

    Messages:
    3,407
    Likes Received:
    1
    A USB stick with Portable PuTTY solves the issue. :) Been carrying a similar setup for several years now. Even works in the local libraries.
     
  4. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    Hi,

    Thank you for the good overview. I will have a look at WebDAV over https and VPN.

    How does it look for creating a VPN connection under windows.
    Is this possible without 3rd party tools, is it safe on public computers and how long does the configuration usually takes?

    This is my current solution but the intergration of WinSCP in Windows isn't quite as smooth as I would like to have it :)
     
  5. Anonymous

    Anonymous Guest

    Sorry, I cannot talk for Windows, only for Mac OS X and iPhone. Although, the setup is quick and easy and works out of the box, I would not establish VPN connections to my server using foreign Macs because it would be quite easy forgetting to remove the settings afterwards.

    Perhaps others can tell something about Windows.

    Best regards

    Rolf

    PS: In the meantime, I played around with VPN on Windows 7 in VirtualBox on my Mac. Actually, setting-up a PPTP-VPN was done in a few steps by configuring a new connection from the Network properties, selecting VPN and entering user name and password. Win7 tries first to establish a SSTP connection, and after ca. 30 s fails-over to PPTP, this then connected to my FreeBSD box which got a PPTP server as described here and here.

    For removing the VPN setup, the VPN network adapter can be deleted.

    VirtualBox was in network bridge mode, since NAT mode does not pass GRE packets.

    My L2TP/IPsec Server on FreeBSD 8.2 does not work together with my Windows 7 in the VirtualBox, though.
     
  6. bsus

    bsus New Member

    Messages:
    299
    Likes Received:
    0
    Thank you for youre help ;)

    I will test this it out for me in a few days.

    Best regards,
    bsus
     
  7. mix_room

    mix_room Member

    Messages:
    588
    Likes Received:
    0
    I would then also add FileZilla portable. It gives you a quite nice SFTP-client. I'm sure there are other clients as well.