On Fri, 2006-10-06 at 12:56 -0400, stuartv wrote: > However, now that we need this cert, > one of the few things still standing in the way is the requirement that we > set up > the FTP server to lockout (for 30min.) any account that fails to login 3 > times in a row. I haven't been able to find any ftp software that does > that. The FTP server that ships with OpenBSD uses system accounts, and I > haven't > figured out how to do that there either.
I was faced with a similar situation a couple of years ago. What I did was use PureFTPd (availabe in ports) which allows you to write your own authentication backend. I wrote mine in perl and stored everything I needed in a SQL database. not the safest, or most stable solution, but given the requirements of the project it worked really well and allowed for easy administration. of course, normal disclaimers apply...your server will only be as "secure" (if you can call FTP secure) as your custom authentication program is. hope this helps. ryanc -- Ryan Corder <[EMAIL PROTECTED]> Systems Engineer, NovaSys Health LLC. 501-219-4444 ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
