FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 03-10-2011, 02:56 PM
Jason Hsu
 
Default What is the most secure FTP server?

I understand that regular FTP has inferior security due to the lack of encryption. So I'm looking for an alternative to use on my home server.

What is your favorite alternative and why? Implicit FTPS? SFTP? FTP over SSH? Or something else?

--
Jason Hsu <jhsu802701@jasonhsu.com>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110310095632.ea960454.jhsu802701@jasonhsu.com">h ttp://lists.debian.org/20110310095632.ea960454.jhsu802701@jasonhsu.com
 
Old 03-10-2011, 03:16 PM
Camaleón
 
Default What is the most secure FTP server?

On Thu, 10 Mar 2011 09:56:32 -0600, Jason Hsu wrote:

> I understand that regular FTP has inferior security due to the lack of
> encryption. So I'm looking for an alternative to use on my home server.

An alternative to FTP can be SSH. But you can still secure your FTP
server by adding TLS (most of the major FTP packages provide that
functionality). I personally like Vsftp.

> What is your favorite alternative and why? Implicit FTPS? SFTP? FTP
> over SSH? Or something else?

That depends... SSH is very powerful for admins (with full login
capabilities or for system users with shell access) but to allow external/
remote users to just upload some files "securely" you can use FTPS.

In brief, for:

- Server managing purposes (SSH)
- File transfers for system users with shell access (SFTP)
- Remote/external file transfers with no shell access (FTPS)

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2011.03.10.16.16.49@gmail.com">http://lists.debian.org/pan.2011.03.10.16.16.49@gmail.com
 
Old 03-10-2011, 03:19 PM
shawn wilson
 
Default What is the most secure FTP server?

my favorite alternative to ftp? YES! all, everything, anything. hell, dropbox is better than ftp.

but, just fire up your ssh server and out of the box, you've got tons of features - including file transfer.


here's another suggestion: don't, under any circumstances, ever use ftp. for clients on non-unix boxes, look at winscp or cyberduck.

On Thu, Mar 10, 2011 at 10:56 AM, Jason Hsu <jhsu802701@jasonhsu.com> wrote:

I understand that regular FTP has inferior security due to the lack of encryption. *So I'm looking for an alternative to use on my home server.




What is your favorite alternative and why? *Implicit FTPS? *SFTP? *FTP over SSH? *Or something else?



--

Jason Hsu <jhsu802701@jasonhsu.com>





--

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org

with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: http://lists.debian.org/20110310095632.ea960454.jhsu802701@jasonhsu.com
 
Old 03-10-2011, 03:52 PM
Volkan YAZICI
 
Default What is the most secure FTP server?

On Thu, 10 Mar 2011 09:56:32 -0600, Jason Hsu writes:
> I understand that regular FTP has inferior security due to the lack of
> encryption. So I'm looking for an alternative to use on my home
> server.
>
> What is your favorite alternative and why? Implicit FTPS? SFTP? FTP
> over SSH? Or something else?

vsftpd is just rocking, but if I were you, I'd stick with OpenSSH. I'd
create an "sftp" group for just FTP users, and jail SSH connections
coming from users in "sftp" group into their home directory. (See
here[1] for details.)


Regards.

[1] http://www.techrepublic.com/blog/opensource/chroot-users-with-openssh-an-easier-way-to-confine-users-to-their-home-directories/229


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 871v2e6hp1.fsf@alamut.ozu.edu.tr">http://lists.debian.org/871v2e6hp1.fsf@alamut.ozu.edu.tr
 
Old 03-10-2011, 04:27 PM
 
Default What is the most secure FTP server?

Hello Jason,

From: Jason Hsu <jhsu802701@jasonhsu.com>
Date: Thu, 10 Mar 2011 09:56:32 -0600
> What is your favorite alternative and why? Implicit FTPS? SFTP? FTP over SSH? Or something else?

Another possibility is to firewall your LAN and use an ftp
with satisfactory features. You will find that plain FTP
and telnet are faster than any SSH. Significant if you use
the connections several times a day. Of course, if the
connection is rarely used, responsiveness is no concern.

Regards, ... Peter E.

--
Telephone 1 360 450 2132.
Shop pages http://carnot.yi.org/ accessible as long as the old drives survive.
Personal pages http://members.shaw.ca/peasthope/ .


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 171056938.38627.33134@cantor.invalid">http://lists.debian.org/171056938.38627.33134@cantor.invalid
 
Old 03-10-2011, 05:20 PM
shawn wilson
 
Default What is the most secure FTP server?

On Mar 10, 2011 12:27 PM, <peasthope@shaw.ca> wrote:

>

> Hello Jason,

>

> From: * Jason Hsu <jhsu802701@jasonhsu.com>

> Date: * Thu, 10 Mar 2011 09:56:32 -0600

> > What is your favorite alternative and why? *Implicit FTPS? *SFTP? *FTP over SSH? *Or something else?

>

> Another possibility is to firewall your LAN and use an ftp

> with satisfactory features. *You will find that plain FTP

> and telnet are faster than any SSH. *Significant if you use

> the connections several times a day. *Of course, if the

> connection is rarely used, responsiveness is no concern.

>

>


Ok, my gut tells me that plain text protocols might be faster than encrypted ones. However, I have no data to back this up and have never noticed 'significant' differences between rsync and rsync+ssh. Do you have this benchmark or are you just going by gut reaction too?
 
Old 03-11-2011, 02:50 AM
"Robert Blair Mason Jr."
 
Default What is the most secure FTP server?

On Thu, 10 Mar 2011 13:20:26 -0500
shawn wilson <ag4ve.us@gmail.com> wrote:

> On Mar 10, 2011 12:27 PM, <peasthope@shaw.ca> wrote:
> >
> > Hello Jason,
> >
> > From: Jason Hsu <jhsu802701@jasonhsu.com>
> > Date: Thu, 10 Mar 2011 09:56:32 -0600
> > > What is your favorite alternative and why? Implicit FTPS? SFTP? FTP
> over SSH? Or something else?
> >
> > Another possibility is to firewall your LAN and use an ftp
> > with satisfactory features. You will find that plain FTP
> > and telnet are faster than any SSH. Significant if you use
> > the connections several times a day. Of course, if the
> > connection is rarely used, responsiveness is no concern.
> >
> >
>
> Ok, my gut tells me that plain text protocols might be faster than encrypted
> ones. However, I have no data to back this up and have never noticed
> 'significant' differences between rsync and rsync+ssh. Do you have this
> benchmark or are you just going by gut reaction too?

Quick question for those of us running anonymous ftp:
Is it possible to configure vsftpd to allow unencrypted anonymous sessions, but require encryption for all user sessions? I've looked at the configuration but all of the encryption settings seem to be global (no configuration on a per-user/group basis).

--
rbmj


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110310225016.67a979a5@blair-laptop">http://lists.debian.org/20110310225016.67a979a5@blair-laptop
 
Old 03-11-2011, 08:56 AM
Chris Davies
 
Default What is the most secure FTP server?

Camaleón <noelamac@gmail.com> wrote:
> In brief, for:
> - Server managing purposes (SSH)
> - File transfers for system users with shell access (SFTP)
> - Remote/external file transfers with no shell access (FTPS)

Also file transfers for system users, without shell access (SFTP). There
is a surprising amount of flexibility available in the configuration;
I suggest you might like to re-read sshd_config and in particular uses
of "internal-sftp".

Regards,
Chris


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: o78p48xcqu.ln2@news.roaima.co.uk">http://lists.debian.org/o78p48xcqu.ln2@news.roaima.co.uk
 
Old 03-11-2011, 03:56 PM
Camaleón
 
Default What is the most secure FTP server?

On Fri, 11 Mar 2011 09:56:40 +0000, Chris Davies wrote:

> Camaleón <noelamac@gmail.com> wrote:
>> In brief, for:
>> - Server managing purposes (SSH)
>> - File transfers for system users with shell access (SFTP)
>> - Remote/external file transfers with no shell access (FTPS)
>
> Also file transfers for system users, without shell access (SFTP). There
> is a surprising amount of flexibility available in the configuration; I
> suggest you might like to re-read sshd_config and in particular uses of
> "internal-sftp".

Sure, there are many variations that you can apply for each of those
options. Note the "in brief" I added, I was trying to give a "big
picture" of all the possibilities without entering into the specifics,
that's up to the user and his requirements.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2011.03.11.16.56.14@gmail.com">http://lists.debian.org/pan.2011.03.11.16.56.14@gmail.com
 

Thread Tools




All times are GMT. The time now is 12:21 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org