[Q] create account which can only transfer file use SSH????
Benjamin J. Weiss
benjamin at birdvet.org
Thu Jan 20 21:19:31 UTC 2005
Ed Wilts wrote:
>On January 7, 2005 08:17 am, mcclnx mcc wrote:
>
>
>>We have Redhat AS 2.1 nad 3.0 installed on servers.
>>Due to security reason, we disable FTP and TELNET.
>>Server onlly support SSH.
>>
>>We plan to create a account which can ONLY login and
>>transfer data use scp or winscp on PC site (similiar
>>to FTP function).
>>
>>
>
>Many people are mistaken in that they think that just because they use
>SSH, the system is magically more secure. This is simply false. You
>can actually make your system *more* secure using a good FTP server
>(ProFTPd is a good candidate). Unless you go through a lot of
>contortions, ssh is simply too wide open and you trust the user a lot
>more than you should.
>
>
I'd suggest vsftpd instead. It comes with RedHat, and is encrypted.
Thus you don't transmit your passwords in the clear.
Ben
More information about the redhat-list
mailing list