Product SiteDocumentation Site

4.16. Secure file transfers

During normal system administration one usually needs to transfer files in and out from the installed system. Copying files in a secure manner from a host to another can be achieved by using the ssh server package. Another possibility is the use of ftpd-ssl, a ftp server which uses the Secure Socket Layer to encrypt the transmissions.
Any of these methods need special clients. Debian does provide client software, such as scp from the ssh package, which works like rcp but is encrypted completely, so the bad guys cannot even find out WHAT you copy. There is also a ftp-ssl package for the equivalent server. You can find clients for these software even for other operating systems (non-UNIX), putty and winscp provide secure copy implementations for any version of Microsoft's operating system.
Note that using scp provides access to the users to all the file system unless chroot'ed as described in Section 5.1.1, “Chrooting ssh”. FTP access can be chroot'ed, probably easier depending on you chosen daemon, as described in Section 5.3, “Securing FTP”. If you are worried about users browsing your local files and want to have encrypted communication you can either use an ftp daemon with SSL support or combine clear-text ftp and a VPN setup (see Section 8.5, “Virtual Private Networks”).