[ALUG] FTP servers with remote admin tools

Brett Parker iDunno at sommitrealweird.co.uk
Fri Jan 29 15:42:37 GMT 2016


On 29 Jan 14:07, steve-ALUG at hst.me.uk wrote:
> On 29/01/16 12:18, Mark Rogers wrote:
> >On 28 January 2016 at 20:32, <steve-ALUG at hst.me.uk> wrote:
> >>
> >>Not quite what you're after but Webmin (webadmin) is a capable remote admin in a browser.
> >It is indeed, and I use VirtualMin (which is WebMin with hosting bells
> >and whistles added) in a couple of places, although I think it's just
> >shielded me for learning stuff that I could do more quickly without
> >it. However there is a fairly big overhead sitting there 24/7 just to
> >allow me to make occasional config file changes.
> >
> >(I say "me", but I'm happy doing it via SSH. The desire for a GUI is
> >for others who are less used to commandline config.)
> 
> OK, they want a GUI, Webmin's a gui.  There will be overhead, *BUT* what
> overhead?  It it's not getting used, I would have thought the processor
> overhead of a web server serving a page that's not being accessed would be
> minimal.  There would be disk space and memory overhead, for sure, but I
> wouldn't have thought it would be to honourous, unless you pay per MB of
> storage/memory!
> 
> Secondly, do you REALLY want an FTP server?  FTP can't transfer files
> securely, and can't do user accounts/logins securely so it's only really
> useful (AIUI) for situations where little or no security is acceptible, e.g.
> downloads of the latest version of Ubuntu with no password or username
> required.

Well, depends on the FTP server, some support TLS, for example. And
there's always FTPS (which is straight off SSL'd FTP).

> SFTP is better (secure FTP), but to be secure, I think most people would use
> SCP (Secure CoPy -= cp via SSH (Secure SHell))

SFTP is a protocol that's part of the SSH suite, it's better than SCP
for general FTP operations, whilst still going over a standard ssh
connection.

> I have vsftp installed.  Very Secure File Transfer Protocol.  It can do FTP,
> or SFTP( I think).

It's Very Secure from the point of view that it has an excellent
security record. However, if you're doing straight FTP over it, then
nothing is encrypted, including the password that goes over the wire in
plain text. It does *not* support SFTP, but does support FTPS. Of
course, for FTPS you should really have a valid SSL certificate for it.

> I have it set up purely to work INSIDE my firewalled network.  I only use it
> to allow a webcam to FTP in images.  There is an account for the webcam on
> vsftp, but that's the only one allowed in.

Ahh - if it's not exposed to the outside world, then that's slightly
better!

> It works for me.  May I suggest you google the security implications of FTP
> if you're not using it in a situation where trivial security is acceptable?

vsftp also allows for chroot'd sessions, limiting the damage.

Thanks,
-- 
Brett Parker



More information about the main mailing list