[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: recommendations for FTP server (fwd)

From:    mmccune@attbi.com
To:      Dariush Pietrzak <eyck@forumakad.pl>
Subject: Re: recommendations for FTP server
Date:    Sat, 21 Jun 2003 01:09:45 +0000

I know about SSL/TLS support in Proftp, the only problem is that few clients
support it (thanks fot the link to the Woody backport). I would use it if I
could find clients that are supported by multiple OSes. Are there any SSL/TLS
clients for Windows, OS X or Mac 9x? 
> > Proftpd does support SSL/TLS.  It's a module that comes with it, it's
> > just not enabled by default.  Some nice docs here:
> > http://www.castaglia.org/proftpd/modules/mod_tls.html
> > http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
>  Actually... it's enabled by default, that's why it says 'no certificate
> found' when you start it the first time.
>  Neither sftp nor anything else is a 'drop-in' replacement for ftp.
> 
>  The only problem with TLS/SSL in ftp is that there are not that many
> clients that support that - there are NONE in woody. You need to backport
> lftp from sid or compile it yourself ( I've got my backport available from
> http://eyck.forumakad.pl/woody ./ ) 

>  There are few other options - tlswrap changes every passive-capable ftp
> client into TLS-capable ftp client, there is this nice POSIX/Windoze
> lundfxp client etc..
> 
>  The way I see it, sftp is way less secure way of providing access to files
> then tls/ftp, you see, you need to create valid ssh-able accounts for all
> your users, then it'll take you some time to secure those accounts just a
> bit ( scp-only acount? - great, if you wanna play around and compile
> special shell... there is no scp-shell in woody, there is one in sid.
> Is it safe enough? Who knows ).
>  With ftp users need no shell, need no nothing. I create unlimited number
> of users and worry not....
> 
> -- 
> Dariush Pietrzak,
> I ain't the sharpest tool in a shed.
> Key fingerprint = 40D0 9FFB 9939 7320 8294  05E0 BCC7 02C4 75CC 50D9
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: