[kwlug-disc] More Secure FTP Server

Fernando Duran liberosec at yahoo.ca
Fri May 7 14:42:25 EDT 2010


You can just use sshd in the server (probably you have this already running)  so that communication is encrypted and regular Linux user accounts (you can use an email address as user name) with /home directories, no need to install/configure anything server-side. You just need to be careful with the directory permissions and umask.

The user can use any free sftp/scp client, like winscp.com for Windows etc. And you can delete the users & files with a cron job.

Some users are too used to ftp or don't want to try sftp, in that case just a regular ftp server (vsftp works well) with jailed users (this is one config pararmeter in vsftp) may be a "better" solution, knowing that communication (including password) is not encrypted.
Fernando Duran

From: Kiwi Ssennyonjo <kiwi at ssenn.com>
To: kwlug-disc at kwlug.org
Sent: Fri, May 7, 2010 1:52:25 PM
Subject: [kwlug-disc] More Secure FTP Server

Good afternoon to you all

I need advice and direction on FTP.
We have a client that is looking for a more secure ftp server with more automation. I am not very versed with ftp.
We are looking for the following features
-Secure (SFTP, https, etc)
-automated authentication, preferably using the user's email address
  -when a user logs in they are jailed
-files and the user are deleted after a set period, five days.

The serve is going to be on CentOS 5.3, LDAP is available to be used.
The organization has a sales and purchasing departments that send all sorts of confidential information to their clients. Clients CAN NOT, and SHOULD NOt see and another's information. IE When quoting and trying to get a price from ten vendors.

Thank you in advance

Kiwi Ssennyonjo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20100507/76c10b09/attachment.html>

More information about the kwlug-disc mailing list