From owner-freebsd-isp Sun Jul 30 19:13: 3 2000 Delivered-To: freebsd-isp@freebsd.org Received: from enya.clari.net.au (enya.clari.net.au [203.8.14.116]) by hub.freebsd.org (Postfix) with ESMTP id D6D9E37B810 for ; Sun, 30 Jul 2000 19:12:54 -0700 (PDT) (envelope-from danny@freebsd.org) Received: from localhost (danny@localhost) by enya.clari.net.au (8.9.2/8.9.1) with ESMTP id MAA12829; Mon, 31 Jul 2000 12:12:18 +1000 (EST) (envelope-from danny@freebsd.org) X-Authentication-Warning: enya.clari.net.au: danny owned process doing -bs Date: Mon, 31 Jul 2000 12:12:18 +1000 (EST) From: "Daniel O'Callaghan" X-Sender: danny@enya.clari.net.au To: Gabriel Ambuehl Cc: Veaceslav Revutchi , freebsd-isp@freebsd.org Subject: Re: web hosting, what ftp to use? In-Reply-To: <12774225420.20000730190746@buz.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 30 Jul 2000, Gabriel Ambuehl wrote: > > procedure that you guys use in this situation? Do you allow only sftp > > or do you use something else or do you just not care > > that a clients password gets sniffed and his web site gets > > highjacked? > > If a client asked about some secure fashion to update his website, I'd > give him a very limited shell account which would basically just allow scp > and some of the bin utils to manage his own files. > > But normal clients don't worry about such issues and most wouldn't be > able to use scp either... If FTP wouldn't use that sick split of data > and command connection one could use some sort of SSL proxy but I You can use sslproxy and WS_FTP (and others) in passive mode. Danny To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message