On Friday 03 February 2006 21:51, Bob Beck wrote: > Why? if you allow anyone to connect to it anonymously > what do you gain by using ssh? sftp (non anonymous) exists for > a real reason (secure authenticated-by-ssh file transfer, i.e. > particularly to allow up and download...) > > If all you want is something "less evil for firewalls" Try using a > web server instead - if you really want the connection stream > encrypted to an anonymous endpoint use an SSL'ed web server. > > -Bob > > * Peter Fraser <[EMAIL PROTECTED]> [2006-02-03 14:45]: > > Since I believe that everyone agrees that ftp is > > horrible, particularly for firewalls. How come > > there is no equivalent to an anonymous sftp.
Consistency. I have seen a case of a company where users had both sftp and ftp. The FTP server was for distributions of software and sftp for dealing with customer data. Well, some salespeople confused the two and started sending the customer data via FTP... It would have been better to do everything via sftp. They did, by nuking the ftp machine and publishing an account/pw on the sftp system. So, while I would agree that it doesn't seem reasonable to have anonymous sftp, those peksy users proved it would have been useful. --STeve Andre'
