On Tue, 19 Nov 2002, Brian Lavender wrote: > On Mon, Apr 08, 2002 at 09:19:12PM -0700, Gabriel Rosa wrote: > > > Why not ssh/scp? :) > > Here are four reasons. > > Because scp uses encryption and therefore is slower. > > Almost everyone has an ftp client. Even Win 95 has a Windows > client built into it. I would say more people are familiar > with ftp than ssh. > > Your system could still be vulnerable even with ssh. dsniff, ssl > exploits... > > You can configure a guest ftp and anonymous ftp, where the user > only sees your chroot area of the system.
Man, this was posted in April, but anyway... I just want to address the last reason. In SSH 3.x, there is a way to restrict a user to the user's home directory. Follow this: http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Using_Chroot_Manager__ssh-chrootmgr_.html#indexdef-584 Basically, you use ssh-chrootmgr. I haven't done it myself, but it exists. As for the other points: I doubt the overhead in encryption outweighs the safety of encryption; practically everyone has an ftp client, but they should now have a ssh/scp client; and the system is just as vulnerable with an exploitable ssh or ftp server, but the communication will be secure in the unexploited ssh environment. My 2 cents. > brian FL _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
