Ed Wilts wrote:
On January 7, 2005 08:17 am, mcclnx mcc wrote:
We have Redhat AS 2.1 nad 3.0 installed on servers.
Due to security reason, we disable FTP and TELNET.
Server onlly support SSH.
We plan to create a account which can ONLY login and
transfer data use scp or winscp on PC site (similiar
to FTP function).
Many people are mistaken in that they think that just because they use
SSH, the system is magically more secure. This is simply false. You
can actually make your system *more* secure using a good FTP server
(ProFTPd is a good candidate). Unless you go through a lot of
contortions, ssh is simply too wide open and you trust the user a lot
more than you should.
I'd suggest vsftpd instead. It comes with RedHat, and is encrypted.
Thus you don't transmit your passwords in the clear.
Ben
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list