securing FTP

radnix · 09-15-2002, 10:06 AM

I need some suggestions on how to secure FTP transactions. Presently, I'm on ports 20/21 for my FTP process and now need to study/find out about using an alternative way to 'ditch' this and incorporate some form of encrypted FTP.

I've done a little reading

on openssl, does the sftp use a different port ? Almost sounds like it's using the same https 443 port.

What's the best way to proceed

Thanks ahead !

Ztyx · 09-15-2002, 11:11 AM

sftp connects to the OpenSSH package which normally runs on port 22 (you can change it in /etc/ssh/sshd_config).

I suggest you use OpenSSH, it works fine and works from Windows aswell (using WinSCP which is freeware). I use it a lot and it works great.

radnix · 09-15-2002, 12:38 PM

Thanks for the response.

I'll continue with openssh and tunnel it into 22 via ssh.

stickman · 09-16-2002, 01:46 PM

I don't think that he had tunneling in mind when the suggestion was made. I'm assuming that he meant to use the SFTP server. Although I prefer to use OpenSSH myself, another option is linux-ftpd-ssl which can be found over at freshmeat.net.