Ed Wilts wrote:
This is the type of information I was looking for. Thanks. Perhaps when sftp is more mature, it will do the same.It's also interesting to note that by default, wu-ftpd will log the security violation attempt but sftp won't. You can make as many attempts to hunt around and see what files you are allowed to transfer, and in fact transfer everything, and the sysadmin will never know what you've done. wu-ftpd, on the other hand, logs every transfer and transfer attempt.
Having had a machine cracked (not because of ftp), I don't want to go through reinstalling everything and settting everything back up. If there is even a one in one-billionth chance that someone could sniff out a password, that's a risk I am not willing to take. I guess it really depends on how secure and how private the physical network really is.Why people insist on stating that sftp is more secure than ftpd is beyond me. There's a heck of a lot more to security than just passing along a password in clear text (which in the vast majority of installations is not practically sniffable anyway).
Thanks again for the enlightenmenting comments, Ed. :)
-- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
