Access or stream remote files on Android using EStrong File Explorer

I currently use AndFTP to download files remotely using the ftp or sftp protocol. For local file access, I use something like ASTRO File Manager or Linda File Manager. I recently discovered EStrong File Explorer, a file manager that lets me access both local and remote files. You can access or stream remote files directly without downloading it first. That is, you can select an mp3 file and play it with your favorite music app directly. It is like the remote server is mounted on the device like in Linux which makes file access feel seamless. Too bad streaming movie files like XviD is a little laggy with MX Video Player or Rockplayer Lite even when the server is on the local network.

sftp with restricted folder

I recently needed to set up an ftp server (or sftp server) that allows the user to transfer files. I had some restrictions:

  1. The account cannot have ssh access since I don’t want an unauthorized person to run jobs on the server.
  2. The account needs to be restricted to a single directory. I don’t want the account to have access to all files on the server.

I first followed this guide to get proftpd up with an account. However, I kept getting errors trying to log in using Nautilus or Filezilla. The error came from PASV mode, which I think stems from a firewall/NAT issue. I next tried this to use vsftpd. Still no go (same error).

I decided to use sftp since I know for sure ssh works and that it’s more secure. Now that I think about it, none of my server has an ftp server running since sftp is more secure and Nautilus and Filezilla supports the sftp protocol.

From this post, I re-discovered rssh and the native support from recent versions of openssh. The “match user” method for openssh and the rssh method did not work for me. I finally stumbled on this post that made things work.

sudo apt-get install openssh ## this is already installed for me
## modify /etc/ssh/sshd_config
# Use the following line to *replace* any existing 'Subsystem' line
Subsystem sftp internal-sftp

# These lines must appear at the *end* of sshd_config
Match Group sftponly
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no

## in shell
sudo groupadd sftponly
sudo useradd newuser
sudo passwd newuser ## set password
sudo usermod -g sftponly -s /bin/false -d /home/newuser newuser
sudo chown root:root /home/newuser
cd /home/newuser
sudo mkdir upload ## upload files in here
sudo chown newuser:newuser upload
sudo /etc/init.d/ssh restart

Now, ssh with the newuser should not work, and sftp (via command line, nautilus, or filezilla) should only access one location.

Note that /home/newuser is own by root, so newuser can’t do much in there. Create a directory upload, and make newuser the owner.