> On Mon, 1 Aug 2005 12:49:49 -0500, "Bob Bostwick \(Lists\)" > <[EMAIL PROTECTED]> wrote: > >> I am implementing an FTP server and need it to use SSL/TLS. I >>know ftpd doesn't support this, and was wondering if anyone had any >>suggestions on an alternative. I know SFTP exists, but that is not an >>option, as the clients are not going to change. I know pure-ftpd >>supports this, but didn't know if there was anything better or not. > > As you already seem to know, the best answer is to use something > that's reasonably secure like SFTP. > > Since FTP over SSL/TLS is going to require configuration changes on > the client side and possibly upgrades of client-side software, why not > just require a new client that supports SFTP? > > There are free SFTP clients out there for most platforms, heck there's > even at least one free client for MS-Windows (FileZilla on sourceforge > comes to mind). > > You're talking about hanging yet another box on the net supporting an > outdated, insecure and most importantly, difficult (often blocked or > messed up by NAT) protocol. Wrapping FTP in SSL/TLS dose help some of > the problems but it does not solve all of them. > > Kind Regards, > JCR
I'm sorry but there's no e.g. official "AnnonSFTP"-Patch/Modification for OpenSSH. As far as I know you're not able to splitt the SFTP from the SSH-Account (I don't mention any unofficial Patchs wich may work). That's why FTPS-Servers, or at least FTP-Servers wich support SSL/TLS, are still in use. The best example is maybe the AnonCVS-"Hack" you've to apply if you wanna set up an AnonCVS-Server. So as far as I know every SFTP-User needs an SSH-Account. FTP-Servers have offen a seperated Account-File wich isn't related to the official System-Accounts at the Server. Kind regards, Sebastian
