Actually this is irrelevant if you are using SFTP which does not even need a
shell account, the shell should be set to the SFTP subsystem
"/usr/libexec/sftp-server". Yet another reason for ditching FTP.
John
>Actually, if you think that just replacing ftp with scp or sftp
>constitutes a significant security improvement, then you now
>have _two_ problems. ;-> It might have been smarter to just chroot
>people ftp'ing in non-anonymously to a subdirectory of their home
>directories, and recompiling an ftp daemon to use a different
>authentication database from the one that holds shell-login passwords.
>That way, sure people's ftp logins are sniffable, but you don't expose
>any shell passwords thereby.
******************************************************************************
The information in this e-mail is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this e-mail by anyone else
is unauthorised. If you are not the intended recipient, any disclosure,
copying, distribution, or any action taken or omitted to be taken in reliance
on it, is prohibited and may be unlawful.
Please note that emails to, from and within RTE may be subject to the Freedom
of Information Act 1997 and may be liable to disclosure.
******************************************************************************
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
