Michael Rice wrote: >>If it's at all feasable, i urge you to implement SSH (and >>SCP for file transfers). >> > > I've heard this recommendation all too often. Implementing SSH/SCP gives > the user far more than file transfer ability. (though my experience is on > unix, I don't know about SSH/SCP on Windows). > > If I wanted to give a user just file transfer ability -- and not > implicitly give them interactive/shell/execute ability -- what services > and server implementations could I look for? >
You can always implement kerberized ftp. This provides the security you want without giving users access to the shell (though I imagine you might be able to run sftp without allowing access via ssh2, that might be worth looking into). I don't know off-hand what servers support kftp (I know there are some as it is used here...assuming you can use a unix based server) but there are clients for many platforms, including unix and windows. -- Devon Ryan | [EMAIL PROTECTED] Biology/Neuroscience, Pre-med | http://home.uchicago.edu/~dpryan SG Unix Systems Administrator | [EMAIL PROTECTED] Max Palevsky RCA | [EMAIL PROTECTED]
