[kwlug-disc] More Secure FTP Server

Fernando Duran liberosec at yahoo.ca
Fri May 7 16:22:31 EDT 2010




----- Original Message ----
From: Raul Suarez <rarsa at yahoo.com>
To: KWLUG discussion <kwlug-disc at kwlug.org>
Sent: Fri, May 7, 2010 3:50:56 PM
Subject: Re: [kwlug-disc] More Secure FTP Server

In that case pretty much any FTP server should meet your needs

-> It depends if the requirements call for encrypted password as well. 

I suggest to use either sshd or ftp with ssl support as suggested by John. I checked and Winscp supports ftp-ssl so there's a free client. 

FTP with SSL may have a little bit more of configuration (creating a certificate etc) but it's probably safer overall than ssh and Linux accounts since for ftp users these can be set to "nologin" shell.

Also the OP can start with an ftp server with restrictions (jailed users, no anonymous logins etc) and later on add ssl support for better security.

Fernando 

---------------

At home I use http://www.pureftpd.org/project/pure-ftpd

The accounts are set in a way that you can only access your own folder. 

Configuration is a breeze and uses almost no resources (I run it in a P2 400MHz)

Raul Suarez

Technology consultant
Software, Hardware and Practices
_________________
Twitter: rarsamx
http://rarsa.blogspot.com/ 
An eclectic collection of random thoughts


--- On Fri, 5/7/10, Kiwi Ssennyonjo <kiwi at ssenn.com> wrote:

> From: Kiwi Ssennyonjo <kiwi at ssenn.com>
> Subject: Re: [kwlug-disc] More Secure FTP Server
> To: "KWLUG discussion" <kwlug-disc at kwlug.org>
> Received: Friday, May 7, 2010, 3:40 PM
> We are looking for mostly login
> security.
> The archives that are being downloaded are encrypted.
> 
> Sent from my iPhone
> 
> On 2010-05-07, at 15:37, John Van Ostrand <john at netdirect.ca>
> wrote:
> 
> >
> > ----- "Fernando Duran" <liberosec at yahoo.ca>
> wrote:
> >> Some users are too used to ftp or don't want to
> try sftp, in that
> >> case
> >> just a regular ftp server (vsftp works well) with
> jailed users (this
> >> is one config pararmeter in vsftp) may be a
> "better" solution,
> >> knowing
> >> that communication (including password) is not
> encrypted.
> >
> > Vsftpd supports SSL encryption which suggest the whole
> transfer
> > including password is secure. You should see what
> clients support
> > this first.
> >
> > --
> > John Van Ostrand
> > CTO, co-CEO
> > Net Direct Inc.
> > 564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6
> > Ph: 866-883-1172 x5102
> > Fx: 519-883-8533
> >
> > Linux Solutions / IBM Hardware
> >
> >
> > _______________________________________________
> > kwlug-disc_kwlug.org mailing list
> > kwlug-disc_kwlug.org at kwlug.org
> > http://astoria.ccjclearline.com/mailman/listinfo/kwlug-disc_kwlug.org
> 
> _______________________________________________
> kwlug-disc_kwlug.org mailing list
> kwlug-disc_kwlug.org at kwlug.org
> http://astoria.ccjclearline.com/mailman/listinfo/kwlug-disc_kwlug.org
> 



_______________________________________________
kwlug-disc_kwlug.org mailing list
kwlug-disc_kwlug.org at kwlug.org
http://astoria.ccjclearline.com/mailman/listinfo/kwlug-disc_kwlug.org







More information about the kwlug-disc_kwlug.org mailing list