Re: Web based password changer
Quoting Tom White [EMAIL PROTECTED]: Dear List, I'm looking for a decent, secure, web based password changer for user accounts. Something that I can install on a debian box with a minimum amount of tweaking, and that isn't really any less secure than a shell user changing their password locally over ssh. Is there anything out there that someone has had good experiences with? ~Tom White PS - how do you fit down the chimney? and please don't leave coal in my stocking this year. Horde(1) has a password module. Works on ldap and unix accounts. 1: www.horde.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Web based password changer
Quoting Tom White [EMAIL PROTECTED]: Dear List, I'm looking for a decent, secure, web based password changer for user accounts. Something that I can install on a debian box with a minimum amount of tweaking, and that isn't really any less secure than a shell user changing their password locally over ssh. Is there anything out there that someone has had good experiences with? ~Tom White PS - how do you fit down the chimney? and please don't leave coal in my stocking this year. Horde(1) has a password module. Works on ldap and unix accounts. 1: www.horde.org
Re: recommendations for FTP server (fwd)
FileZilla ( http://sourceforge.net/projects/filezilla/ ) is a great FTP client for Windows that support SSL.. Quoting [EMAIL PROTECTED]: From:[EMAIL PROTECTED] To: Dariush Pietrzak [EMAIL PROTECTED] Subject: Re: recommendations for FTP server Date:Sat, 21 Jun 2003 01:09:45 + I know about SSL/TLS support in Proftp, the only problem is that few clients support it (thanks fot the link to the Woody backport). I would use it if I could find clients that are supported by multiple OSes. Are there any SSL/TLS clients for Windows, OS X or Mac 9x? Proftpd does support SSL/TLS. It's a module that comes with it, it's just not enabled by default. Some nice docs here: http://www.castaglia.org/proftpd/modules/mod_tls.html http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html Actually... it's enabled by default, that's why it says 'no certificate found' when you start it the first time. Neither sftp nor anything else is a 'drop-in' replacement for ftp. The only problem with TLS/SSL in ftp is that there are not that many clients that support that - there are NONE in woody. You need to backport lftp from sid or compile it yourself ( I've got my backport available from http://eyck.forumakad.pl/woody ./ ) There are few other options - tlswrap changes every passive-capable ftp client into TLS-capable ftp client, there is this nice POSIX/Windoze lundfxp client etc.. The way I see it, sftp is way less secure way of providing access to files then tls/ftp, you see, you need to create valid ssh-able accounts for all your users, then it'll take you some time to secure those accounts just a bit ( scp-only acount? - great, if you wanna play around and compile special shell... there is no scp-shell in woody, there is one in sid. Is it safe enough? Who knows ). With ftp users need no shell, need no nothing. I create unlimited number of users and worry not -- Dariush Pietrzak, I ain't the sharpest tool in a shed. Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: recommendations for FTP server (fwd)
FileZilla ( http://sourceforge.net/projects/filezilla/ ) is a great FTP client for Windows that support SSL.. Quoting [EMAIL PROTECTED]: From:[EMAIL PROTECTED] To: Dariush Pietrzak [EMAIL PROTECTED] Subject: Re: recommendations for FTP server Date:Sat, 21 Jun 2003 01:09:45 + I know about SSL/TLS support in Proftp, the only problem is that few clients support it (thanks fot the link to the Woody backport). I would use it if I could find clients that are supported by multiple OSes. Are there any SSL/TLS clients for Windows, OS X or Mac 9x? Proftpd does support SSL/TLS. It's a module that comes with it, it's just not enabled by default. Some nice docs here: http://www.castaglia.org/proftpd/modules/mod_tls.html http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html Actually... it's enabled by default, that's why it says 'no certificate found' when you start it the first time. Neither sftp nor anything else is a 'drop-in' replacement for ftp. The only problem with TLS/SSL in ftp is that there are not that many clients that support that - there are NONE in woody. You need to backport lftp from sid or compile it yourself ( I've got my backport available from http://eyck.forumakad.pl/woody ./ ) There are few other options - tlswrap changes every passive-capable ftp client into TLS-capable ftp client, there is this nice POSIX/Windoze lundfxp client etc.. The way I see it, sftp is way less secure way of providing access to files then tls/ftp, you see, you need to create valid ssh-able accounts for all your users, then it'll take you some time to secure those accounts just a bit ( scp-only acount? - great, if you wanna play around and compile special shell... there is no scp-shell in woody, there is one in sid. Is it safe enough? Who knows ). With ftp users need no shell, need no nothing. I create unlimited number of users and worry not -- Dariush Pietrzak, I ain't the sharpest tool in a shed. Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: FTP-SSL
Quoting Cristian Ionescu-Idbohrn [EMAIL PROTECTED]: On Thu, 19 Dec 2002, Daniel Lysfjord wrote: It seems like FileZilla[1] supports ftp-ssl.. [1]: http://sourceforge.net/projects/filezilla What about lftp? Depends: ..., libssl0.9.6, ... From man lftp(1) : lftp can handle six file access methods - ftp, ftps, http, https, hftp, fish and file (https and ftps are only availĀ able when lftp is compiled with openssl library). apt-cache show ftp : Description: Sophisticated command-line FTP/HTTP client programs Lftp is a file retrieving tool that supports FTP and HTTP protocols under both IPv4 and IPv6. Lftp has an amazing set of features, while preserving its interface as simple and easy as possible. Seems like it should work with ftps, but the description doesn't mention it... Anybody know about this. I don't know any ftps-servers, so I can't test if it works... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: FTP-SSL
It seems like FileZilla[1] supports ftp-ssl.. [1]: http://sourceforge.net/projects/filezilla
Re: FTP-SSL
Quoting Cristian Ionescu-Idbohrn [EMAIL PROTECTED]: On Thu, 19 Dec 2002, Daniel Lysfjord wrote: It seems like FileZilla[1] supports ftp-ssl.. [1]: http://sourceforge.net/projects/filezilla What about lftp? Depends: ..., libssl0.9.6, ... From man lftp(1) : lftp can handle six file access methods - ftp, ftps, http, https, hftp, fish and file (https and ftps are only availĀ able when lftp is compiled with openssl library). apt-cache show ftp : Description: Sophisticated command-line FTP/HTTP client programs Lftp is a file retrieving tool that supports FTP and HTTP protocols under both IPv4 and IPv6. Lftp has an amazing set of features, while preserving its interface as simple and easy as possible. Seems like it should work with ftps, but the description doesn't mention it... Anybody know about this. I don't know any ftps-servers, so I can't test if it works...
Re: NIS
On Tue, 29 Oct 2002, Francois Sauterey wrote: HI, I'm looking for any craft to secure YP: I'm working around shadow password and yp. shadow passwords are stupid if ypcat passwd give the encripted passwords ! Well, I use (in /etc/ypserv): * : passwd.byname: port : yes * : passwd.byuid : port : yes passwd are mangled , but the ftp server, on a YP-client machine, do not recognize any user. Any solution ? If You are using ProFTPd, then using : PersistentPasswdoff in your /etc/proftpd.conf would do the trick -Daniel Lysfjord-
Re: NIS
On Tue, 29 Oct 2002, Francois Sauterey wrote: HI, I'm looking for any craft to secure YP: I'm working around shadow password and yp. shadow passwords are stupid if ypcat passwd give the encripted passwords ! Well, I use (in /etc/ypserv): * : passwd.byname: port : yes * : passwd.byuid : port : yes passwd are mangled , but the ftp server, on a YP-client machine, do not recognize any user. Any solution ? If You are using ProFTPd, then using : PersistentPasswdoff in your /etc/proftpd.conf would do the trick -Daniel Lysfjord- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
