Greg Kilfoyle wrote:
Hi,
I'm trying to set up my server so that no clear text passwords are used to access the system.
The server is used (by others) via the following access methods:
- POP3 email - IMAP email - web (including web mail) - ftp (for uploading files, mainly web pages)
Most of my users have windows desktops, so I'm limited to SSL/TLS for securing mail server access. I like digest-md5, which evolution supports, but Outlook doesn't support this.
For web access, SSL/TLS works fine.
I don't know what to do for ftp. Can SSL/TLS be used with ftp and do windows applications, such as FrontPage support it?
SecureFX from VanDyke Technologies is a very good ftp client for Win
Another approach is to have ftp use a different password than the one used for email - not sure how to do this.
Use qmail with vpopmail and qmailadmin, this disconnects email from unix users altogether, that way only the web developers need have a unix account. qmail/vpopmail can be set up to pop via a secure link, although I have not done so myself.
sqwebmail works with the above, and squirrelmail can be made to, and so can courier-IMAP.
Hope this helps
Any suggestions welcome.
Thanks, Greg.
- : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
- : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
