I think I would want to have SSH
implemented for any
outside access (and require the use sftp
"...operates over an encrypted ssh
, you control who has what access and it's a reliable way to do what you're interested in. SSH
is, in many ways, analogous to the user id/password system.
You may wish to turn off (or not turn on) ftp
services, possibly found in /etc/inetd.conf
(your location may vary). The services lines in /etc/inetd.conf
look like this:
# These are standard services:
# Very Secure File Transfer Protocol (FTP) server.
#ftp stream tcp nowait root /usr/sbin/tcpd vsftpd
# Professional File Transfer Protocol (FTP) server.
#ftp stream tcp nowait root /usr/sbin/tcpd proftpd
# Telnet server:
#telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
On my systems, there are all commented out (meaning that they are not available) and external users are required to use SSH
(and, thus, sftp
) for any connections or file transfers.
Hope this helps some.