[NTLUG:Discuss] What is the most secure FTP w/SSH?
David Camm
dcamm at advwebsys.com
Tue Dec 30 09:20:47 CST 2003
one minor correction:
"Either take FTP and get the chroot (but you won't get a seperate one for each
user)"
with proftpd, you can set up individual users to be chrooted to the home
directory defined in their /etc/passwd entry. you make the users part of a
specific group and tell proftpd to chroot any user in that group. in
/etc/proftpd.conf:
DefaultRoot ~ [groupname_for chrooted_users]
from a windoze client perspective, the venerable ws_ftp (pro version) supports
secure transfer via ssl as well as sftp to an ssh server. this, however is NOT
freeware.
david camm
advanced web systems
NTLUG wrote:
> On Tue, 2003-12-30 at 08:24, Bob Byron wrote:
>
>>I need to setup ftp access to a linux server. I would like to know
>>the most secure way to do this. I want to make sure that the ftp
>>server is chroot'ed, hopefully a different root for each user.
>>
>>I want to use SSH to insure an encrypted connection. Or, I am
>>open for suggestions. I have seen that winSCP offers secure
>>access, but it has not been chroot'ed.
>>
>
> The SSH suite (includes SFTP - ssh like ftp, SSH - telnet like, and SCP
> - rcp like). For the time being you are pretty much going to have to
> take one or the other. Either take FTP and get the chroot (but you
> won't get a seperate one for each user) but use an unencrypted plain
> text protocol, or you use SSH/SFTP/SCP and get the secure protocol but
> not the chroot. My suggestion would be go with SFTP or SCP then if/when
> ssh is ever chroot'ed you can migrate that functionality, but I wouldn't
> bypass it now, because of that.
>
More information about the Discuss
mailing list