[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: safest ftp server?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: safest ftp server?
- From: Peter Hessler <yodadoa_(_at_)_yahoo_(_dot_)_com>
- Date: Fri, 2 Mar 2001 19:37:44 -0800 (PST)
On the same point as secure, how would you chroot the scp connection?
I know I can chroot the normal ftp server by adding the user name to
the /etc/ftpchroot file, but apparently scp doesn't allow that. I have
the ssh "telnet" blocked by adding exit to the end of the .profile, and
chmod to no write access and chown to root.wheel . I want it to be a
per user thing, because when I log in as an admin through ssh, I want
full access (duh)
--- "David S." <dgjs_(_at_)_acm_(_dot_)_org> wrote:
> On Fri, Mar 02, 2001 at 01:20:08PM -0800, McKevitt, Larry wrote:
> > Hello, All:
> > what's the most secure ftp server?
> Just what do you mean by "secure"? One could argue that the FTP
> protocol is inherently insecure, since it allows clear-text
> password authentication and un-encrypted data transfers. To
> avoid those problems, you need some sort of augmented FTP server.
> There are a number of them: SafeTP, SRP telnet, Kerber-ized telnet,
> SSL/TLS telnet, sftp (which isn't "really" FTP, but scp).
> If you're not worried about insecure authentication or data
> transfers, and you just want a secure implementation of the FTP
> protocol that (you hope) won't allow any nasty exploits, how
> about OpenBSD's FTP? Run it with anonymous-only access, and
> it's probably about as secure as ordinary FTP is going to get.
> > and if there's no
> > such thing, how can i start and stop ftpd so
> > that it runs for an hour or two per day? thanks.
> Turn off FTP in 'inetd.conf' and run it in daemon mode from 'cron';
> man ftpd(8), man cron(8), man crontab(1).
> > -larry
> David S.
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.