From: [EMAIL PROTECTED] > > Thanks Sebastian. You stated important info that I failed > to mention. > > > > I don't mean to be confrontational but personally I didn't > think there > > was any point in securing anon/public access? > > > > Since the original poster is trying to secure logins, anon/public > > access is kind of outside of the scope -probably the reason why I > > forgot to mention the ssh accounts. ;-) > > > > JCR > > Yes but why shouldn't "we" secure anonymous-connections also? > Or if I do e.g. a little Webhosting Service. I wont give my > users an SSH > so I've to choose FTPS even it's not as secure as SFTP. > > So it dosn't just deal with anonymous connections.
Why does it need to deal with anonymous connections? The point of anonymous access is to provide content to "anyone at large", regardless their identity. So if you are using encryption to make sure that "not just anyone at large" can see the data, you're dealing with two mutually exclusive things. Put another way, if you want to use SFTP or SSH to encrypt your transfers, it't because you dont' want just anyone to get the data. If you use anonymous privileges, it's because you want just anyone to get the data. Contradictory. DS
