On 29/01/16 14:33, Laurie Brown wrote:
On 29/01/16 14:07, steve-ALUG@hst.me.uk wrote:
[SNIP]
Secondly, do you REALLY want an FTP server? FTP can't transfer files securely, and can't do user accounts/logins securely so it's only really useful (AIUI) for situations where little or no security is acceptible, e.g. downloads of the latest version of Ubuntu with no password or username required.
SFTP is better (secure FTP), but to be secure, I think most people would use SCP (Secure CoPy -= cp via SSH (Secure SHell))
I have vsftp installed. Very Secure File Transfer Protocol. It can do FTP, or SFTP( I think).
As I host clients' web sites and data, I am obliged to provide ftp for them. I also use vsftpd which is as secure as ftp ever will be, I think. With fail2ban, it's reasonably secure and I don't fret overmuch.
Cheers, Laurie.
There's also DenyHosts although I wouldn't try and use both. DenyHosts can scan logs for all accesses, not just SSH, report any intrusions, and also download a list of suspected intruders (IPs that have intruded on other Denyhost sites) and ban them for a while.
Yes, if you're hosting websites, you have to do FTP really!
Steve