I am trying to create an ideal secure file transfer solution using open-source software. Everybody knows FTP is insecure, but what can replace it?
The desired features include: able to 'chroot' users into their home directories when they log in, ability to use existing versions of client software (access ftp site from a browser, ws_ftp, etc.), encrypted transmission of data and commands. Briefly, this is what I have found regarding the server-side setup: 1. FTP is good for creating chroot jails for users, but uses unencrypted channels, exposing commands (e.g, username/password) and data. 2. FTP over an SSH tunnel encrypts the command channel, but leaves the data unencrypted. 3. SFTP encrypts both the command and data channels, but chroot jails are only available with the commercial version of ssh (ssh.com). This also requires a client/user to install software on their PC with which they might not already be familiar. 4. Implicit or Explicit FTP over SSL will encrypt both the data and command channels and can be implemented using Glub Tech's Secure FTP Wrapper (http://www.glub.com/products/ftpswrap/). This option looks a bit pricey, but sounds like the best solution so far. QUESTION: Does anybody have a better solution than #4? David Davis -- [EMAIL PROTECTED] _______________________________________________ RLUG mailing list [EMAIL PROTECTED] http://www.rlug.org/mailman/listinfo/rlug
