[kwlug-disc] More Secure FTP Server

unsolicited unsolicited at swiz.ca
Fri May 7 16:40:02 EDT 2010


FWIW, the first page of Raul's excellent link indicates ssl support, 
at least for passwords / commands. And it was noted that the files 
themselves are already encrypted. YMMV.

Fernando Duran wrote, On 05/07/2010 4:22 PM:
> ----- Original Message ---- From: Raul Suarez <rarsa at yahoo.com> To:
> KWLUG discussion <kwlug-disc at kwlug.org> Sent: Fri, May 7, 2010
> 3:50:56 PM Subject: Re: [kwlug-disc] More Secure FTP Server
> 
> In that case pretty much any FTP server should meet your needs
> 
> -> It depends if the requirements call for encrypted password as
> well.
> 
> I suggest to use either sshd or ftp with ssl support as suggested
> by John. I checked and Winscp supports ftp-ssl so there's a free
> client.
> 
> FTP with SSL may have a little bit more of configuration (creating
> a certificate etc) but it's probably safer overall than ssh and
> Linux accounts since for ftp users these can be set to "nologin"
> shell.
> 
> Also the OP can start with an ftp server with restrictions (jailed
> users, no anonymous logins etc) and later on add ssl support for
> better security.
> 
> At home I use http://www.pureftpd.org/project/pure-ftpd
> 
> The accounts are set in a way that you can only access your own
> folder.
> 
> Configuration is a breeze and uses almost no resources (I run it in
> a P2 400MHz)
> 
> --- On Fri, 5/7/10, Kiwi Ssennyonjo <kiwi at ssenn.com> wrote:
> 
>> From: Kiwi Ssennyonjo <kiwi at ssenn.com> Subject: Re: [kwlug-disc]
>> More Secure FTP Server To: "KWLUG discussion"
>> <kwlug-disc at kwlug.org> Received: Friday, May 7, 2010, 3:40 PM We
>> are looking for mostly login security. The archives that are
>> being downloaded are encrypted.
>> 
>> On 2010-05-07, at 15:37, John Van Ostrand <john at netdirect.ca> 
>> wrote:
>> 
>>> ----- "Fernando Duran" <liberosec at yahoo.ca>
>> wrote:
>>>> Some users are too used to ftp or don't want to
>> try sftp, in that
>>>> case just a regular ftp server (vsftp works well) with
>> jailed users (this
>>>> is one config pararmeter in vsftp) may be a
>> "better" solution,
>>>> knowing that communication (including password) is not
>> encrypted.
>>> Vsftpd supports SSL encryption which suggest the whole
>> transfer
>>> including password is secure. You should see what
>> clients support
>>> this first.



More information about the kwlug-disc_kwlug.org mailing list