Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Just remember that unless you are using an ssl encrypted connection any passwords will be sent in plain text. As an anonymous ftp system it is perfect.
sftp is more secure and I would recomend using it where possible. The only problem comes when people don't know about sftp or have sftp clients, if it is just for youself there should be no issue.
Thought I would add this for any DreamweaverMX 2004 (v. 7.0.1) users out there. Dreamweaver has built-in SFTP client, select check the "Use secure FTP (SFTP)" option Not sure about earlier versions, but if I remember correctly I had to setup up putty and tunnel in somehow (a friend helped me set it up) in earlier version
Originally posted by sigsegv Force the users to use sftp. WinSCP is so easy even a windows user can use it
You can also use something like scponly to put them in a chroot environment if that's needed.
I wouldnt say that... I started an online intro OS class (-sigh- dont ask, lots of drama lol), and its basically learning UNIX from a Linux environment. It took quite a few people a little longer than I would have thought to learn WinSCP.
I'm willing to bet if we weren't in a class, and instead they were trying to download something off a website, they would have given up instead. We -need- putty/winscp to do our work in class, so they were forced
Instead of forcing your users to use program XYZ, they should force -YOU- to install server XYZ. In this case, VSFTPD over SSL, so you dont make users switch FTP clients that they've grown to love (especially web designers, do NOT make them switch their beloved FTP clients!! ) After all, we're the techies here right?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.