[snip]
>
> > 3. SFTP encrypts both the command and data channels, but chroot jails
are
> > only available with the commercial version of ssh (ssh.com). This also
> > requires a client/user to install software on their PC with which they
might
> > not already be familiar.
> >
>
> I like this method and ws_ftp(at least newer versions) has sftp
> support built in. It isn't only available via the commercial version. I
> just did a quick Google search and the first link,
> http://mail.incredimail.com/howto/openssh/ talks about a chroot patch
> for openssh and how to get it working. Here is another document that
> talks about chrooted sftp,
> http://chrootssh.sourceforge.net/docs/chrootedsftp.html and the main url
> for it, http://chrootssh.sourceforge.net/
>
> Personally I just use scp.
As someone who uses computers regularly, I think sftp and scp is fine, both
on the client and administrator side (except for the ease in setting up the
chroot jail for particular users).
That aside, I picked #4 as the best general solution because it will disrupt
existing clients ('regular people who may not use computers often') as
little as possible. I _believe_ that FTP over SSL will allow a user
generally to type in "ftps://someftpsite.com" in their broswer window and
view/upload the files they need.
> > 4. Implicit or Explicit FTP over SSL will encrypt both the data and
command
> > channels and can be implemented using Glub Tech's Secure FTP Wrapper
> > (http://www.glub.com/products/ftpswrap/). This option looks a bit
pricey,
> > but sounds like the best solution so far.
> >
> > QUESTION: Does anybody have a better solution than #4?
>
> If you really want a SSL ftp server check out,
> http://bsdftpd-ssl.sc.ru/
> Here is a list of ftp servers and descriptions, including more than one
> that does ssl, http://www.linuxmafia.com/pub/linux/security/ftp-daemons
--David Davis
_______________________________________________
RLUG mailing list
[EMAIL PROTECTED]
http://www.rlug.org/mailman/listinfo/rlug
