Whoop, you’re right.
My mistake. What was I thinking?
The rest of my reco’s are good, right?
Bill
Sent from my iPhone
> On Mar 18, 2022, at 11:01 AM, Justin Pryzby wrote:
>
> This conversation has gone off into the weeds, but I should point out that:
>
>> Yes, you can use SFTP (aka FTP ov
This conversation has gone off into the weeds, but I should point out that:
> Yes, you can use SFTP (aka FTP over SSH)
SFTP is not actually "FTP over SSH", even if the commands are similar.
> Remember … FTPS or SFTP, whatever u want to call it, is just SSH providing a
> “secure tunnel” for your
Hello.
I think in this case, as he is using proftpd, that what he is using is
FTP over TLS, not SSH based SFTP.
To answer the original question: FTP over TLS is safe as long as:
- you enforce everyone using it (i.e. not allowing to fallback to non-
encrypted connections), configuration for that i
Hmm … I used the word “secure” and now, “upon reflection”, I think it’s the
wrong word.
Instead of thinking about it as … “is it secure”? Maybe we should think about
it as … “has anybody broken the encryption yet?”
Then … for the choices that aren’t “broken“ yet, maybe we think about those as
Remember … FTPS or SFTP, whatever u want to call it, is just SSH providing a
“secure tunnel” for your unencrypted FTP traffic.
So … when trying to figure out “if SSH is secure” or any other encrypted
traffic like HTTPS or whatever, you need to look closely at the encryption
protocols you’re sup
Is FTPS considered insecure?
proftpd example:
ServerName "MH FTP server"
ServerType standalone
DefaultServer on
AccessGrantMsg "User %u has successfully logged into MH FTP server."
RequireValidShell off
UseReverseDNS off
IdentLookups off
Port 0
UseIPv6 off
MaxInstances 30
Umask 022
PassivePorts
Real pro tip: OpenVPN with tls-auth. If your packets aren't
signed, you can't snoop the port at all nor communicate with the
service.
On 3/17/2022 8:53 AM, William Papolis
wrote:
(PRO
TIP: I also use a non-standard port for my VPN, in
You guys are confusing Ruud.
Bottom line … FTP is not encrypted.
Yes, you can use SFTP (aka FTP over SSH) but then pay attention to what you are
doing … you’re creating access for ONE service, “SFTP”, thru your Firewall.
What about all the other services (WWW? NFS? SAMBA? LDAP? And yes, Gopher?
Not exactly true - you can use an VPN tunnel based on TLS and run
FTP through the tunnel.
I also have no point :)
On 3/16/2022 12:36 PM, Tuomo Soini
wrote:
There is no way to do FTP with TLS/SSL completely secure way.
__
On 2022-03-16 17:36, Tuomo Soini wrote:
FTP is dead - move to SFTP which uses ssh protocol.
gopher is dead aswell, but i have a gopher server still working
i have no point :=)
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
Thanks, I already thought that was the problem. But you never know ...
On 16-3-2022 17:36, Tuomo Soini wrote:
On Wed, 16 Mar 2022 16:14:10 +0100
Ruud Baart wrote:
Hi,
I can find quite a lot of documentation concerning a FTP server. But
I don't find the way to do it.
There is no way to do F
On Wed, 16 Mar 2022 16:14:10 +0100
Ruud Baart wrote:
> Hi,
>
> I can find quite a lot of documentation concerning a FTP server. But
> I don't find the way to do it.
There is no way to do FTP with TLS/SSL completely secure way. That is
because conntrack module must be able to see data port in co
On Wed, Mar 16, 2022 at 04:14:10PM +0100, Ruud Baart wrote:
> Hi,
>
> I can find quite a lot of documentation concerning a FTP server. But I don't
> find the way to do it.
>
> My situation:
>
> Internet <--> Firewall <--> FTP server
>
> Firewall and FTP server are Debian 11 and I use the la
13 matches
Mail list logo
