I have a web-page that is generated on a NT box that I would like to post on my OpenBSD server. The NT box provides a sftp option that allows for uploading the file to the web server I choose. What the best way to get that file onto my webpage - without compromising security.
Currently I just sftp the file to /var/tmp as a authorized user. There is a link from /var/www/htdocs/<filename.htm> ---> /var/tmp/<filename.htm>
Is there a better way to do this?

I would probably do something similar and just setup corresponding pf rules the question then becomes how much do you trust that NT box.

I just created a remote www user with sftp login capability only. he drops the files in /tmp. from there i have a cron job run a script to copy the file to the /var/www directory with correct permissions, etc. works like a charm.