> My several users use scp.
is there an idiot-proof graphical front-end for scp? windows
clients? my several users require them, or they'll just continue
using ftp, because it's *easier*... People are lazy, and security
measures which are a pain in the arse will fail to work because the
users will bypass them (summarizing from Schneier's Secrets and Lies).
> All of them can put anything they want on there.
> If you're doing hosting and letting people upload code, you have no choice
> but to trust your users. *BUT* by avoiding grotesqities like ftp, and by
> setting permissions sanely, third-parties are hard-pressed to compromise
> the server.
dealing with clients who can't remember or don't know
usernames/passwords, and the subsequent calls to isp
helpdesks:
"Hello, I am from web agency X, we need ftp details for customer Y
so we can upload their site."
And they just give 'em out. No checks, no confirming with the
customers, nothing. There's little hope of
securing stuff if people can be socially
engineered so easily.