Have you thought about running sftp on a nonstandard port? John Wright Manager of Departmental Computing Radio/TV Services Indiana University 1229 E. Seventh Street, room 284 Radio-TV Center Bloomington, Indiana 47405 Phone: 812-855-8076 Fax: 812-855-0729 [EMAIL PROTECTED]
-----Original Message----- From: Stephen Gran [mailto:[EMAIL PROTECTED] Sent: Friday, June 20, 2003 11:56 AM To: Debian Security Subject: recommendations for FTP server Hello all, I am thinking about setting up an FTP server to be used by myself and a couple of friends. The box it will be running on is basically stock Woody, and is currently only running apache and NAT'ing for a LAN. I'd like the FTP server to not allow anonymous logins (which I assume most can do), chroot users to their home directories, and have some sort of encrypted connections (over SSL would be nice). I have thought about just using sftp, but currently ssh connections are rerouted to another box on the LAN, and I'd like to leave that set up as is, if possible. I see that proftpd is the example used in the 'securing Debian' manual, but it doesn't appear to be able to use SSL. OTOH, ftpd-ssl doesn't appear to do chroot'ing, at least not at a quick glance. Anybody know of one that combines these features? I suppose there is always stunnel, although I have never tried to use it for FTP. Any recommendations, experiences, thoughts? -- ------------------------------------------------------------------------ -- | Stephen Gran | The proof of the pudding is in the | | [EMAIL PROTECTED] | eating. -- Miguel de Cervantes | | http://www.lobefin.net/~steve | | ------------------------------------------------------------------------ -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]