Secure File Transfer and Remote Access

Lesson 20/40 | Study Time: 20 Min

Course: Linux Mastery: Master the Linux Command Line – Advanced Course

Secure file transfer and remote access are foundational for managing Linux systems and transferring data safely across networks. The SSH protocol facilitates encrypted and authenticated remote shell access, while tools like SCP and SFTP enable secure file copying.

Rsync provides efficient, incremental synchronization suitable for backups and mirroring. Utilities such as curl and wget handle HTTP/S data transfers with versatility. Proper configuration and hardening of SSH, combined with key-based authentication, significantly enhance system security and usability.

SSH Configuration and Hardening

SSH (Secure Shell) allows encrypted remote login and command execution.

Configuration file: /etc/ssh/sshd_config

Key hardening practices:

1. Disable password authentication to prevent brute-force attacks

text

PasswordAuthentication no

2. Use key-based authentication (RSA, ED25519 keys) instead. Generate keys

text

ssh-keygen -t ed25519

3. Copy public key to server:

text

ssh-copy-id user@host

4. Restrict root login:

text

PermitRootLogin prohibit-password

Change default SSH port to evade automated scans. Limit allowed users or groups using AllowUsers or AllowGroups directives, and reduce login grace time and max auth tries for additional security.

Key-Based Authentication

Key-based authentication provides a secure alternative to password-based logins. The points below explain how SSH keys work and why they are widely adopted.

SCP and SFTP Usage

SCP (Secure Copy) transfers files securely over SSH:

text

scp /path/to/local file user@remote:/path/to/destination

SFTP (SSH File Transfer Protocol) offers interactive file transfer sessions with commands like put, get, ls, cd.

text

sftp user@remote

SCP uses SSH and in modern versions defaults to SFTP protocol underneath, enhancing security.

Rsync for Data Synchronization

Rsync synchronizes files and directories efficiently with delta transfers and compression.

Useful for backups and mirroring:

text

rsync -avz /local/dir user@remote:/remote/dir

It supports exclusion lists, bandwidth limits, and resume capabilities.

HTTP/S File Transfers: curl and wget

Linux provides powerful utilities for downloading and interacting with web resources. The following commands demonstrate simple and efficient file transfer methods.

curl fetches or sends data over network protocols; highly scriptable and supports advanced options.

Example:

text

curl -O https://example.com/file.zip

wget is a simple command-line downloader supporting recursive download and mirroring.

Example:

text

wget https://example.com/file.zip

Previous Lesson Next Lesson

Andrew Foster

Product Designer

Profile

Class Sessions

1- Scripting Fundamentals 2- Control Structures 3- Functions and Modularity 4- Arrays and Data Structures 5- Advanced Input/Output 6- Text Processing Integration 7- Error Handling and Debugging 8- System Automation Scripts 9- User and Group Management 10- Process and Job Control 11- System Monitoring and Performance 12- Service and Daemon Management 13- System Logging 14- File System and Storage 15- System Maintenance 16- Network Interface Configuration 17- TCP/IP Protocol Stack 18- Network Troubleshooting 19- Firewall and Security 20- Secure File Transfer and Remote Access 21- DNS and DHCP 22- File Permissions and Ownership 23- Authentication and Authorization 24- SELinux and Mandatory Access Control 25- Encryption and Secure Communication 26- System Auditing 27- Security Best Practices 28- Advanced File Operations 29- Batch File Processing 30- Text Transformation and Reporting 31- Data Compression 32- File Integrity and Backup 33- Container Basics 34- Container Orchestration 35- Virtualization Tools 36- System Integration 37- Configuration Management Basics 38- Advanced Scripting for Infrastructure 39- Deployment Automation 40- Monitoring and Alerting