Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Thank you for your input.
I just finish created an FTP account for one of the employee and since he works with third party and he would like to know if that possible to create an additional account so that party can just download the files. And he doesn't want that party to delete or mess up with his file. Do you think it is safe or recommend to create anonymous account for it?
It depends upon what you mean by 'safe'. If it is OK for just anyone in the world to download the available files and you make an account (and adjust permissions) so they can only download and not upload, it is pretty safe until you get compromised.
One thing to realize, is that FTP passes account names and passwords in clear text. Anyone who can trap packets and read can easily own any of your FTP accounts. Only if they are ALL download only is there any security. Using a protocol that encrypts security information (sftp already mentioned) is the generally accepted answer to that security issue. No FTP server can be made entirely safe. The best I know runs from CD or DVD (read only media) does not use persitance, and reboots from the read-only media at encountering any suspicious behavior. (And that is DARNED inconvenient at times). FTP is just not secure or safe, period.
Being safe and secure and using ftp do not work together. You might consider one of the more secure ftp server packages, locking down all accounts and file spaces ftp users can reach to make them read-only, and monitoring logs carefully, running rootkithunter and other compromise detection, backing up often, and praying a lot.
Or you could use a more secure protocol, still engage most of the above, but relax a bit.