Security Question
Christopher K. Johnson
ckjohnson at gwi.net
Sun Aug 22 22:00:37 UTC 2004
Roger Taranto wrote:
>I've just upgraded to FC2, and I'm trying to figure out who to handle a
>security access situation. I would like to keep the security on the machine
>pretty high since I use it as a firewall, but I also would like to give
>access to a friend to update a web site hosted on the computer. She would
>be coming in via FTP (for example, DreamWeaver), but is using a cable
>connection and therefore won't always be tied to the same IP address.
>
>How do I keep security tight while still allowing her to connect to update
>the web site?
>
>Thanks,
>-Roger
>
>
>
>
As a firewall it is a mistake to allow any outside access to services
that authenticate without encrypting. So ftp access is a really bad
idea. Your best option might be webDAV over ssl. It can be configured
on your web server be id/password restricted, and use a test certificate
you create for ssl encryption. Another secure alternative is scp, but
then you have allowed the person shell login access using ssh as well.
If that is not necessary, use the webDAV over ssl.
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the fedora-list
mailing list