> On 10/15/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > 2. Using vsftpd which support ssl both on login and on the data transfer > > (prefered), > > and then using the buildin support for jailing users. Then linking the > > directories > > inside their home directories. > > I've successfully used vsftpd with SSL while chrooting users into > their /var/www/users/$USER directories. > > Both solutions worked for me. The sftp one was easier to set up and, > at this point, there are more freely available sftp clients than > ftp+ssl clients (especially for Windows) so I'd probably go with the > stsftp option.
One thing about using vsftpd + SSL is that you can write your own authentication mechanisms. So, I wrote one that uses testsaslauthd to authenticate against my IMAP server (which authenticates against MySQL). So, the website users don't actually have Unix passwords and can't actually log into the system. -- http://erdelynet.com/ Support OpenBSD! http://www.openbsd.org/orders.html
