
RE: ftp and passwords



> this way when the ftplusers password is sniffed the attacker will only
> be able to login to a chrooted ftp directory.  you should probably set
> disk quotas for the ftp users as well.  force the users to use GOOD
> passwords as well.  (perhaps set their shell to /usr/bin/passwd and
> allow ssh (i suppose telnet since win* users refuse to be secure)
> access so they can change the password.)  make them change their
> password once a week until they start using secure protocols such as
> ssh.


Not to pick a nit, but secure passwords aren't even a speedbump if you're
being sniffed.  (though they ARE good practice)

> > the hint "use ssh" is not practicable for me.

If that's the case, there's a very good graphical SCP (secure copy) program
for Win32 called ixplorer.  It rides on top of the command-line scp.exe that
comes with PuTTY (it includes it though) and isn't the most sophisticated
thing in the world, but it works and is easy to use.

Insist they download and use this program if you're truly worried about
security.  It's at http://www.i-tree.org

There's no way to minimize the risk of your network traffic being sniffed
aside from encryption.  Ethan's suggestions will help secure that machine in
the event your unencrypted login info IS sniffed out, but you really have no
excuse not to have them use ssh/scp, even for windows.  There are plenty of
free ssh clients for Win32...if your users can use ftp, they should have the
brainpower to use a win32 ssh client.  



Jason Mogavero
Sr. Network Engineer
Inflow, Inc
(303)942-2828


> -----Original Message-----
> From: Ethan Benson [mailto:erbenson@alaska.net]
> Sent: Wednesday, January 24, 2001 3:45 AM
> To: debian-user@lists.debian.org
> Cc: cesco@debian.org
> Subject: Re: ftp and passwords
> 
> 
> On Wed, Jan 24, 2001 at 11:01:04AM +0100, Francesco Tapparo wrote:
> > Some user of a system I administer want to ftp in my system. The problem is
> > that with ftp all the passwords are in clear and I fear someone can sniff them
> > and use them to ssh in my system.
> > the majority of the windows users don't have ssh (at least a good ssh) so
> > the hint "use ssh" is not practicable for me.
> > What is the best way to configure the ftp server to minimize the sniffing
> > risks?
> 
> set it to chroot the user into their home directory, set the home
> directory itself readonly to the user (owned by root, readable by
> user), make sure they cannot add/alter any ~/.dotfiles.  and make sure
> the account cannot be logged into interactively.  such as by setting
> the shell to /bin/false or /usr/local/sbin/nologin (a small OpenBSD
> program that prints `go away' and exits).
> 
> make sure you run a secure ftpd, such as the OpenBSD ftpd and not
> wu-ftpd or proftpd.  preferably the user should not be able to write
> to the ftp space at all.  
> 
> you can also use pam to deny these users access to any service except
> ftp.  create a file /etc/ftplusers and add the usernames to it, then
> add this line to all /etc/pam.d files except ftp:
> 
> auth       required     pam_listfile.so item=user sense=deny file=/etc/ftplusers onerr=succeed
> 
> this way when the ftplusers password is sniffed the attacker will only
> be able to login to a chrooted ftp directory.  you should probably set
> disk quotas for the ftp users as well.  force the users to use GOOD
> passwords as well.  (perhaps set their shell to /usr/bin/passwd and
> allow ssh (i suppose telnet since win* users refuse to be secure)
> access so they can change the password.)  make them change their
> password once a week until they start using secure protocols such as
> ssh.
> 
> -- 
> Ethan Benson
> http://www.alaska.net/~erbenson/
> 
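A helper for the pam_listfile step above, added here as an example and not part of the thread or of Debian: it prepends Ethan's deny rule to every service file in a pam.d directory except ftp, and reports which services still lack it. The directory and list-file paths are parameters so it can be tried on a copy of /etc/pam.d first; the function names are my own.

```shell
#!/bin/sh
# Added example (not from the thread): apply the pam_listfile deny rule to
# every PAM service file except ftp, then audit which services still lack it.
# PAMDIR and LISTFILE are parameters so this can be run against a copy of
# /etc/pam.d before touching the real one. Function names are hypothetical.

# Builds the exact rule line from the thread for a given list file.
deny_rule() {
    printf 'auth       required     pam_listfile.so item=user sense=deny file=%s onerr=succeed' "$1"
}

# add_ftp_only_deny PAMDIR [LISTFILE]
# Prepends the rule to each service file in PAMDIR except "ftp", so it is
# evaluated before any other auth module. Idempotent: files that already
# reference the list file are skipped. Prints the number of files changed.
add_ftp_only_deny() {
    pamdir=$1
    listfile=${2:-/etc/ftplusers}
    rule=$(deny_rule "$listfile")
    changed=0
    for svc in "$pamdir"/*; do
        [ -f "$svc" ] || continue
        [ "$(basename "$svc")" = ftp ] && continue
        grep -qF "file=$listfile" "$svc" && continue
        tmp="$svc.tmp.$$"
        { printf '%s\n' "$rule"; cat "$svc"; } > "$tmp" && mv "$tmp" "$svc"
        changed=$((changed + 1))
    done
    echo "$changed"
}

# services_missing_deny PAMDIR [LISTFILE]
# Audit step: prints one service name per line that does not carry the rule.
# ftp itself is expected to lack it and is not reported.
services_missing_deny() {
    pamdir=$1
    listfile=${2:-/etc/ftplusers}
    for svc in "$pamdir"/*; do
        [ -f "$svc" ] || continue
        name=$(basename "$svc")
        if [ "$name" != ftp ] && ! grep -qF "file=$listfile" "$svc"; then
            echo "$name"
        fi
    done
}
```

Note that onerr=succeed, as in the thread's line, lets a login through if /etc/ftplusers is missing or unreadable; pam_listfile also accepts onerr=fail, which is the fail-closed choice.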


