[Kolab-devel] More information on proftpd
Martin Konold
martin.konold at erfrakon.de
Sat Feb 28 12:47:34 CET 2004
Am Wednesday 25 February 2004 17:51 schrieb Bernhard Reiter:
Hi,
> > > > I did get the users to be able to authenticate with their username
> > > > and password though.
> IIRC the reason is, that
> as ftp is insecure over the line,
> we should not use the real user password for this.
> So I'm not sure if your change is desireable.
Yes, this is exactly the issue. Proftpd could directly use the real name /
passwords via LDAP but we _dont_ want this as this would expose the passwords
for sniffers and makes all our other ssl based efforts worthless.
Please consider the ftp upload approach a plain workaround for limitations in
Win NT 4. For more recent Windows OSs using webdavs is much better and
secure.
Regards,
-- martin
Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://lists.kolab.org/pipermail/devel/attachments/20040228/59752643/attachment.sig>
More information about the devel
mailing list