HPE Community
Operating System - HP-UX
1829106 Members
3191 Online
109986 Solutions
New Discussion

secure ftp

 
Paul T. Green
Advisor

‎03-07-2001 05:48 AM

‎03-07-2001 05:48 AM

secure ftp

I am interested in implementing a secure method for ftp'ing files into one our prod. servers without trusting it. Someone mentioned ftppro, but have been unable to find a copy of it. Does HP recommend any particular one? Any ideas. Thanx in adv.
We'd like to know a little bit about you for our files.... Paul Simon
0 Kudos
Reply
6 REPLIES 6
BOSCHIAN Xavier
Occasional Contributor

‎03-07-2001 06:08 AM

‎03-07-2001 06:08 AM

Re: secure ftp

What about ssh (www.ssh.org) and sftp ?
XBO
0 Kudos
Reply
Paul T. Green
Advisor

‎03-07-2001 06:37 AM

‎03-07-2001 06:37 AM

Re: secure ftp

Xavier, ssh is more of a general internet
IP spoofing, IP source routing, DNS spoofing,
manipulation of data, and attacks based on listening to X authentication data and spoofed connection to the X11- server type app. I am not sure that I want to get into heavy configurations.
What is HP's take on SSH?
SFTP 0.9.6 is still working on bug fixes. Don't want to use it!
We'd like to know a little bit about you for our files.... Paul Simon
0 Kudos
Reply
Ian Cameron
Frequent Advisor

‎03-08-2001 07:29 AM

‎03-08-2001 07:29 AM

Re: secure ftp

We are using proftpd-1.2.0pre9 for the simple reason that I can lock down users to whatever level of access I wish very easily with the config files. You can download precompiled libs or source code from:

http://eigen.ee.ualberta.ca/hppd/hpux/Networking/FTP/proftpd-1.2.0pre9/

Hope this helps.
0 Kudos
Reply
Brian Markus
Valued Contributor

‎03-08-2001 09:44 AM

‎03-08-2001 09:44 AM

Re: secure ftp

We also use proftpd, Are you concerned with people sniffing flat text passwords or concerned with what the users get access to? If your only focus is what they get access to, definately use proftpd. If it's the secure network issue, use the ssh product. In proftpd you can specify which ip address can access your box, what directory appears to be their home, what access to files (rwx), what access to directorys (remove/list). It's very flexiable and customizable. The syntax in the conf file looks a lot like HTML. It's very easy to setup, and it includes examples.
Hope that helps..

Brian.
When a sys-admin say's maybe, they don't mean 'yes'!
0 Kudos
Reply
Jerry L. Anderson
New Member

‎03-13-2001 10:46 AM

‎03-13-2001 10:46 AM

Re: secure ftp

We use scp (Secure Copy Program) instead of ftp for non-interactive file transfers. scp is part of the ssh bundle. The version we use is from OpenSSH (http://www.openssh.com) which runs fine under HP-UX. You can also download it precompiled from one of the HP-UX porting sites.

To make it work in batch mode for root we use the /.shosts file (gives host level root equivalency which is a risk). For command line work any valid user account can use it.

The pluses to us are the fact that the userid/password is never sent un-encrypted, and each host has a digital signature so it automagically verifies that you are talking to the host you think you're talking to.

There is some complexity, but just starting with the defaults will give you 99% of what you are looking for.
0 Kudos
Reply
Paul T. Green
Advisor

‎03-14-2001 08:53 AM

‎03-14-2001 08:53 AM

Re: secure ftp

Ian,

I've been trying to implement proftpd on a test server and have come accross a few glitches... please contact me at frank.quinteros@unistudios.com would like to ask a few questions...
We'd like to know a little bit about you for our files.... Paul Simon
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.