On Mon, 1 Aug 2005 12:49:49 -0500, "Bob Bostwick \(Lists\)" <[EMAIL PROTECTED]> wrote:
> I am implementing an FTP server and need it to use SSL/TLS. I >know ftpd doesn't support this, and was wondering if anyone had any >suggestions on an alternative. I know SFTP exists, but that is not an >option, as the clients are not going to change. I know pure-ftpd >supports this, but didn't know if there was anything better or not. As you already seem to know, the best answer is to use something that's reasonably secure like SFTP. Since FTP over SSL/TLS is going to require configuration changes on the client side and possibly upgrades of client-side software, why not just require a new client that supports SFTP? There are free SFTP clients out there for most platforms, heck there's even at least one free client for MS-Windows (FileZilla on sourceforge comes to mind). You're talking about hanging yet another box on the net supporting an outdated, insecure and most importantly, difficult (often blocked or messed up by NAT) protocol. Wrapping FTP in SSL/TLS dose help some of the problems but it does not solve all of them. Kind Regards, JCR -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
