Reputation: 111
Copying files between servers (without using SCP).
There are two Linux servers. One server is running an E-learning system (server 1). The second server is our Web server where Drupal is installed (server 2).
Now we have to transfer files (copying) from server 1 to server 2. I was thinking that a Drupal user could initiate the request for transferring the files from the first to the second server. (But it would be better if the files are copied automatically when new files are added in the directory of server2 (however this seems quite impossible to me)).
The first requirement is that it should happen VERY securely, lots of people will be using this and they have no business of what’s happening on server 2.
The second requirement is that a user should not have to log in to the Linux servers to initiate the copy process.
Any suggestions and/or examples are welcome!
Kind regards
Upvotes: 0
Views: 6658
Reputation: 22156
scp uses an ssh connection underneath. It's quite hard to break ssh security, unless:
you decided to give your private key away - even in this case you can generate a new pair and revoke the old one
or you have changed the default configuration to something nasty. But really it's quite secure for most use cases.
As the other user said, you can create a cronjob to run rsync from time to time, to copy your files. rsync can run over ssh as well. Also, you get the option to control what gets overwritten, updated, created or deleted on your second machine.
Run man rsync for details. The examples part will help you.
Upvotes: 1
Reputation: 3137
Here's a way to do it without SCP.
IMO a simpler/safer and timely approach - assuming you have access to the destination server and can add some code there that runs under its respective web server - is to use some curl php code on the "client" (server 2 - drupal) and some php code on the "server" (server 1 - elearning) to receive the file and store it appropriately.
You should check out PHP documentation on uploading files via POST: http://www.php.net/manual/en/features.file-upload.post-method.php
Also check out curl_setopt(), especially "Example #2 Uploading File": http://www.php.net/manual/en/function.curl-setopt.php
So every time some event of your choice happens on drupal-server2, you run the code which uploads a file to a php script - something like this:
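```php
<?php
// Runs on the Drupal server: POST a local file to the receiving script.
$uploadfile = '/path/to/local/file'; // placeholder: path of the file to send
$remote_url = "http://elearning.server1.com/upload.php";
// CURLFile replaces the old '@' . $path syntax, which PHP 7 and later no longer support.
$data = array('file' => new CURLFile($uploadfile));
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $remote_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$ce = curl_exec($ch); // response body, or false on failure
curl_close($ch);
```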
The hard part above may be catching the upload event in Drupal and accessing the upload file information. Alternatively you could open and read the file - which I don't go into here.
On elearning-server1, your receiving code e.g. http://elearning.server1.com/upload.php should look like this:
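```php
<?php
$uploaddir = '/var/www/elearning/drupal_file_uploads/';
// Reject requests that carry no file, or whose upload failed.
if (!isset($_FILES['file']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK) {
    http_response_code(400);
    exit("No file received.\n");
}
// basename() strips any directory components from the client-supplied name.
$basename = basename($_FILES['file']['name']);
$uploadfile = $uploaddir . $basename;
// move_uploaded_file() only moves files that PHP itself received via HTTP POST.
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\n";
} else {
    echo "Possible file upload attack!\n";
}
```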
Once that file transfer completes, you can keep the original file on the drupal server or delete it (or perform a sanity check such as md5 hash comparison before deletion).
You can further secure the code on elearning-server1 by apache settings (only allow access to this script from the IP address of your drupal server), use HTTPS/SSL, and use a passphrase of your choice from one script to another.
I'm not sure if this is secure enough for your IT department - but it respects the spirit of your IT department's request - they will see you respected their response and you might even gain some goodwill and increased trust in return.
Before anyone uses ssh/scp in a php script - you should really ask yourself if there's an easier way to do what you need to do? Are you using a bazooka to kill a mosquito?
Setting up SSH/SCP access, even with key authentication still creates many vulnerabilities which have been mentioned by others above. Plus that connection now has the potential to perform whatever havoc it can based on its permissions on that destination server. Why take the risk if you don't need to?
Rsync cron job is safe but it introduces a delay until it's run - which may or may not be acceptable to you.
Upvotes: 0
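The hardening steps this answer lists (a passphrase shared between the two scripts, a hash comparison of the transferred file) can be combined into one signed upload. The sketch below is an added example, not code from the answer: the function names, the POST field names `ts`, `sha256` and `sig`, the secret placeholder and the extension allow-list are assumptions, and SHA-256 is used in place of the md5 comparison the answer mentions.

```php
<?php
// Added example: names, field names, secret and allow-list are assumptions.
const SHARED_SECRET = 'REPLACE-WITH-LONG-RANDOM-VALUE'; // placeholder; keep outside the web root
const MAX_SKEW = 300; // seconds a signed request stays valid

// Sender (Drupal side): extra POST fields to send next to the file.
function sign_upload(string $path, string $secret, int $now): array {
    $digest = hash_file('sha256', $path);
    return [
        'ts'     => (string) $now,
        'sha256' => $digest,
        'sig'    => hash_hmac('sha256', $now . "\n" . $digest, $secret),
    ];
}

// Receiver (upload.php side): null when accepted, otherwise the reason for rejection.
function check_upload(string $tmpPath, array $post, string $secret, int $now): ?string {
    foreach (['ts', 'sha256', 'sig'] as $k) {
        if (!isset($post[$k]) || !is_string($post[$k])) return "missing $k";
    }
    if (!ctype_digit($post['ts']) || abs($now - (int) $post['ts']) > MAX_SKEW) {
        return 'stale timestamp';
    }
    // hash_equals() compares in constant time.
    $expected = hash_hmac('sha256', $post['ts'] . "\n" . $post['sha256'], $secret);
    if (!hash_equals($expected, $post['sig'])) return 'bad signature';
    if (!hash_equals((string) hash_file('sha256', $tmpPath), $post['sha256'])) return 'content mismatch';
    return null;
}

// Stored name comes from the verified digest, never from the client-supplied name.
function stored_name(string $sha256, string $clientName): string {
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    $allowed = ['pdf', 'png', 'jpg', 'zip']; // assumed allow-list
    return $sha256 . (in_array($ext, $allowed, true) ? ".$ext" : '.bin');
}

// Constructed demo; runs from the PHP CLI without a web server.
$tmp = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($tmp, "constructed sample course file\n");
$fields = sign_upload($tmp, SHARED_SECRET, time());
var_dump(check_upload($tmp, $fields, SHARED_SECRET, time()));        // untouched file
var_dump(check_upload($tmp, ['sig' => 'x'] + $fields, SHARED_SECRET, time())); // forged signature
file_put_contents($tmp, "tampered\n");
var_dump(check_upload($tmp, $fields, SHARED_SECRET, time()));        // file changed after signing
echo stored_name($fields['sha256'], '../../evil.php'), "\n";         // hostile client name
unlink($tmp);
```

In the receiving script, `check_upload($_FILES['file']['tmp_name'], $_POST, ...)` would run before `move_uploaded_file()`. A request replayed inside the skew window only rewrites the same digest-named file.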
Reputation: 86774
I assume the objection to scp is the need to save the private key without a passphrase so the copy can be run automatically.
That's the cost of security.
If you want automatic background execution, you have two choices:
A third option is to use a third, locked-down system that does not host other users and do a remote scp-to-scp transfer. That way the passphrase resides only on the third system and could be easier to protect.
Upvotes: 0
Reputation: 1405
You can use rsync for synchronizing directories and set up a cronjob to rsync every X minutes/hours or whatever.
Upvotes: 2