On 02/06/2014 09:55 PM, Matthew Miller issued this missive:
On Thu, Feb 06, 2014 at 05:38:35PM -0500, Robert P. J. Day wrote:
<snip>
By contrast, despite having the substring sftp in its name, vsftpd is a standard FTP server and by default transmits any passwords in plain text.
It's only called "vsftpd" because it's the "very secure FTP daemon". A MUCH better replacement for the old, commonly used wu-ftpd (Washington University FTP daemon), which had a large number of security holes. And yes, it's just an FTP daemon, but one of the few that supports FTPS (FTP over SSL). As someone else said, sftp (using ssh) is a much more firewall-friendly mechanism and one that does not pass ANYTHING over the link unencrypted. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Have you noticed that "human readable" configuration file - - directives are beginning to resemble COBOL code? - ---------------------------------------------------------------------- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org