MySecureShell is a solution which has been made to bring more features to sftp/scp protocol given by OpenSSH. By default, OpenSSH brings a lot of liberty to connected users which imply to trust in your users. The goal of MySecureShell is to offer the power and security of OpenSSH, with enhanced features (like ACL) to restrict connected users.
MySecureShell was created because of the lack of file transfer features in OpenSSH. OpenSSH was not designed as a file transfer solution, that’s why we made MySecureShell.
MySecureShell is not a patch for OpenSSH, it’s a shell for users. It has the advantage to:
- Avoid including security holes in OpenSSH
- No dependency on against an OpenSSH version
- No OpenSSH recompilation is required
So MySecureShell remains easy to install, secure and easy to configure.
You might ask me why MySecureShell instead of traditional FTP server. There are several reasons including:
- You do not have to open some dedicated firewall ports for file transfers
- You are using one of the most used and secure protocol (SSH)
- You do not have to manage SSL certificates to guaranty the security
- As easy to use as a classical FTP server
- As many or more features that you can find on any classical FTP servers
- Easy to install, configure, maintain and use.
Concerning about MySecureShell, we can list the following:
- Control of bandwidth
- Security rights information
- Only authorized files and folders can be shown
- Easy installation and administration of the server with a graphical interface
- Management of activity of the server with logs
- Restrictions of users by ip, groups
- Power Encryption
- No certificate problems non-certified or certificate generation
- Support public and private keys for secure authentication without password
- Only one port to open for SSH and SFTP (port 22 by default)
- The protocol used is much more optimized than FTP because it is based on the protocol of the NFS
- Free and open source
- Advanced logging information
- ACL can be made with IP/Usernam/Groups/VirtualHost/…
- Confined environments (chroot, which is also available in the latest version of OpenSSH)
- Restrict users to have sftp only (shell access is disabled by default)
- And more…