I get this question all the time from people who run Windows-based web servers. FTP, while ubiquitous, has numerous flaws and shortcomings, not all of which can be solved simply by slapping SSL/TLS on top of the existing FTP protocol.
So is there a protocol, configuration, or other solution that a Windows user can employ for general-public file-transfer use to take the place of FTP? The typical requirements are simple and intuitive:
- It needs to be something that a relatively unskilled admin can set up and manage
- Access to this protocol needs to not implicitly grant access to other resources as well
- It needs to be safe over the Internet
Here are some no-go solutions which do not satisfy the question's requirements, but are typically suggested anyway. They're included here to urge you to avoid suggesting them as answers.
- Cygwin and other SSH solutions, which besides being complicated for a novice to set up, also implicitly grant command-shell access to the visitor allowing him to do more than just upload and download files (i.e. execute arbitrary code)
- RDP, which while it has file-sharing capability, also grants the visitor desktop access, allowing him to do more than just upload and download files
- FTPS, FTPES, and other FTP-based solutions. Encryption isn't the only problem with FTP. Otherwise we wouldn't be asking this question.
- Windows File Sharing, which is not safe for use over the Internet, and is typically blocked by ISPs for that reason
- DAV, unless it can be VERY easily set up and secured (which is typically not the case)
Note that this is very explicitly and very intentionally not a shopping question. We're not asking which popular product best satisfies a laundry-list of features. Instead, we're looking for potential solutions for a common problem.
I think the key problem highlighted by your no-go list is not file transfer, but the quality of the training the relevant administrators are given (or expected to have to start with). If an organisation cannot set up something like this either in-house or through an outsourced IT infrastructure then I would be rather concerned as either a customer or an investor (that comes over more aggressive/arrogant than I intended, but I can't think of a better way to word it...).
To address your points more directly:
- This can definitely be a faff to set up with Cygwin, but there are commercial options that might be much easier to manage. SCP/SFTP (via SSH) does not necessarily imply shell access - in all implementations I'm aware of this can be removed from users or isn't possible in the first place. Under Linux, restricted shells such as `rssh` are usually available (just set all your users to have one of them as their shell), so it is likely they exist in Cygwin's collection of ports too (or could be compiled locally if not). Another option, if you are not convinced a restricted shell will be enough, is to have the SSH logins all go through a gateway box that contains absolutely nothing useful the users could run, and have it mount the other storage areas over the local network under the users' homes (though this would be even more hassle to set up).
- I would agree that RDP/RDS is the wrong solution just for file sharing, though you can lock your RDP users down securely with very limited privileges.
- Agreed.
- If you control the client OSs that are connecting and they always connect over decent quality links then Windows File Sharing could be considered if only accessed via some form of VPN solution. Though if you see managing SSH as a major infrastructure management issue then the thought of a VPN could also be scary.
- I've not worked with DAV myself, so can't comment with any authority here.
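An added illustration of the answer's point that SFTP need not imply shell access (this is not part of the original post): assuming an OpenSSH server, an account is confined to file transfer by `ForceCommand internal-sftp` inside a `Match` block, and the Python check below flags blocks that leave a shell, the whole filesystem, or port forwarding reachable. The group names and paths in the sample config are constructed.

```python
# Constructed sample sshd_config; group names and paths are hypothetical.
SAMPLE_CONFIG = """\
Subsystem sftp internal-sftp

# Locked down: file transfer only, confined to a per-user directory
Match Group uploaders
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp
    AllowTcpForwarding no

# Incomplete: no ForceCommand, so members still get a command shell
Match Group partners
    ChrootDirectory /srv/sftp/%u
"""

def parse_sections(text):
    """Split the config into a global section and one dict per Match block."""
    sections = {"global": {}}
    current = sections["global"]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, *rest = line.split(None, 1)
        value = rest[0].strip() if rest else ""
        if keyword.lower() == "match":
            current = sections.setdefault(value, {})
        else:
            current.setdefault(keyword.lower(), value)  # sshd keeps the first value
    return sections

def audit(text):
    """Return {match criteria: [problems]} for blocks that are not SFTP-only."""
    sections = parse_sections(text)
    base = sections.pop("global")
    findings = {}
    for criteria, block in sections.items():
        eff = {**base, **block}  # Match settings override the global ones
        problems = []
        if eff.get("forcecommand", "").split()[:1] != ["internal-sftp"]:
            problems.append("no ForceCommand internal-sftp (shell access possible)")
        if eff.get("chrootdirectory", "none").lower() == "none":
            problems.append("no ChrootDirectory (whole filesystem visible)")
        if eff.get("allowtcpforwarding", "yes").lower() != "no":
            problems.append("TCP forwarding allowed")
        if problems:
            findings[criteria] = problems
    return findings
```

Calling `audit(SAMPLE_CONFIG)` reports only the `partners` block, which lacks both the forced SFTP command and the forwarding restriction.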