
Is it possible to run an SFTP server without using the SSH daemon, in "userspace" so to speak? I don't like how the system's user accounts are tied to the login credentials, I'd much rather have a separate config file to specify the allowed user:password combinations and have the daemon run under one user. If that's not possible to do with SFTP, an FTP solution would be alright too.

1 Answer

without using the SSH daemon, in "userspace" so to speak

There's a misconception here. The SSH daemon is "userspace", same as any other network protocol server – it isn't necessarily part of the OS.

More importantly: How login credentials get verified has nothing to do with the presence of an SSH daemon, but everything to do with which SSH daemon you use and how it is written (programmed) to behave. There is nothing that forces an SSH daemon to use system accounts; it's the programmer's choice (although admittedly the only choice that makes sense for daily use).

(Side note: This isn't always the case with all network software. For example, the Windows built-in SMB server is actually part of the OS and generally cannot be swapped out. But fortunately, your question isn't about SMB on Windows; it's about SSH on Linux.)

Carrying on:

Is it possible to run an SFTP server without using the SSH daemon

Yes and no.

SFTP is defined to be used over an SSH transport; most clients won't support any other transport. An important consequence is that SFTP has no security (e.g. authentication or encryption) of its own – these security layers are established during SSH handshake.

However, SFTP does not require OpenSSH's sshd specifically, nor does it require a full-featured system-wide SSH daemon in general – the complete stack can be implemented by other software, often both in a single program.

I don't like how the system's user accounts are tied to the login credentials

For generic SSH daemons, using system accounts tends to be the only option that makes sense, because they let the client have interactive shell access, through which they can run all sorts of external programs and system commands. The SSH service alone cannot provide separation between programs run by different users unless it gets help from the OS – and coincidentally, that's exactly what system accounts are made for. So that's why OpenSSH uses system accounts and nothing else.

Fortunately, the above isn't a problem for FTP daemons and dedicated "SFTP-only" SSH daemons, as all FTP/SFTP operations happen internally to the daemon itself and user isolation doesn't need anything more than carefully validating the file paths.

So finally getting to your request:

I'd much rather have a separate config file to specify the allowed user:password combinations and have the daemon run under one user

There is software for that. Search for FTP servers which support authenticating "virtual users" through some form of database. Some of them also have SFTP capability, such as ProFTPd. Most, however, only do FTP/FTPS.

Comment:

Thank you, ProFTPd was exactly what I was looking for! I understand the distinction, I just couldn't find any software that matched what I was thinking of.
– Vanadium, commented Nov 7, 2018 at 20:54
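
The two points the answer makes, credentials kept in a file that only the daemon reads, and user isolation done by validating paths inside the daemon rather than by the OS, as an added Python example. This is not part of the original answer and is not ProFTPD's code. It assumes a virtual-user file format of `user:salt:pbkdf2-sha256` (hex fields), a daemon that interprets client paths relative to a per-user root directory, and constructed sample users `alice`/`bob`; all of these are choices made for the illustration. It also shows the caveat hidden in "carefully validating the file paths": a purely lexical check cannot see a symlink the user plants inside their own tree, so the resolved path has to be checked again.

```python
import hashlib
import hmac
import os
import secrets
import shutil
import tempfile

# Deliberately low for a quick demo; a real daemon should use a much higher
# count, or a memory-hard KDF such as argon2/bcrypt. (Assumption of this example.)
PBKDF2_ITERS = 100_000


def make_entry(user: str, password: str) -> str:
    """One line of the virtual-user file: user:salt_hex:pbkdf2_sha256_hex."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERS)
    return f"{user}:{salt.hex()}:{digest.hex()}"


# Constructed sample: the "separate config file" the question asks for.
# Neither name exists as a system account; only the daemon process reads this.
USERS_FILE = "\n".join([
    "# virtual users, one per line",
    make_entry("alice", "alice-pw"),
    make_entry("bob", "bob-pw"),
    "",
])


def load_users(text: str) -> dict:
    """Parse the virtual-user file into {user: (salt, expected_digest)}."""
    users = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, salt_hex, digest_hex = line.split(":")
        users[user] = (bytes.fromhex(salt_hex), bytes.fromhex(digest_hex))
    return users


USERS = load_users(USERS_FILE)
_DUMMY_SALT = bytes(16)


def verify(users: dict, user: str, password: str) -> bool:
    """Password check that costs one PBKDF2 even for unknown users, so response
    time does not reveal which usernames exist; digests are compared in constant time."""
    salt, expected = users.get(user, (_DUMMY_SALT, b""))
    actual = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERS)
    return user in users and hmac.compare_digest(actual, expected)


def confine(root: str, client_path: str) -> str:
    """Map a client-supplied SFTP path onto the user's root. The client sees "/" as
    its root; any path that lexically resolves above root is refused, not clamped."""
    if "\0" in client_path:
        raise PermissionError("NUL byte in path")
    root = os.path.normpath(os.path.abspath(root))
    target = os.path.normpath(os.path.join(root, client_path.lstrip("/")))
    # commonpath works on whole components, so "/srv/sftp/alicex" does not pass for "/srv/sftp/alice".
    if os.path.commonpath([root, target]) != root:
        raise PermissionError(f"path escapes root: {client_path!r}")
    return target


def is_confined(root: str, client_path: str) -> bool:
    try:
        confine(root, client_path)
        return True
    except PermissionError:
        return False


def confine_real(root: str, client_path: str) -> str:
    """Lexical checks do not see symlinks inside the user's tree. Resolve the final
    path and re-check it against the resolved root before touching the file.
    (A production daemon should avoid the check-then-open race by opening relative
    to a root descriptor, e.g. os.open with dir_fd and O_NOFOLLOW per component.)"""
    target = confine(root, client_path)
    real_root = os.path.realpath(root)
    real_target = os.path.realpath(target)
    if os.path.commonpath([real_root, real_target]) != real_root:
        raise PermissionError(f"symlink escapes root: {client_path!r}")
    return real_target


def symlink_escape_demo() -> bool:
    """Constructed scenario: the user's tree holds a symlink pointing outside it.
    Returns True when the lexical check accepts it but confine_real() refuses it."""
    base = tempfile.mkdtemp()
    try:
        root = os.path.join(base, "alice")
        outside = os.path.join(base, "outside")
        os.makedirs(root)
        os.makedirs(outside)
        secret = os.path.join(outside, "secret.txt")
        with open(secret, "w") as f:
            f.write("not for alice\n")
        os.symlink(secret, os.path.join(root, "link"))
        lexical_ok = is_confined(root, "link")
        try:
            confine_real(root, "link")
            real_ok = True
        except PermissionError:
            real_ok = False
        return lexical_ok and not real_ok
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    print("alice login:", verify(USERS, "alice", "alice-pw"))
    print("traversal refused:", not is_confined("/srv/sftp/alice", "../bob/secret"))
    print("symlink escape caught:", symlink_escape_demo())
```

The daemon process itself can run as one unprivileged account, as the question wants, because nothing here consults the system password database; the cost is that every access check, including the symlink case above, is the daemon's responsibility rather than the kernel's.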
