[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Raq4 - SSH - Installed and where to go ?
- Subject: Re: [cobalt-users] Raq4 - SSH - Installed and where to go ?
- From: Lillith Lesanges <lillith@xxxxxxxxxx>
- Date: Fri Dec 28 15:42:07 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Friday, December 28, 2001, at 03:03 PM, Bob Cruz wrote:
This is an issue that I have been discussing in detail on the
cobalt-security list.
Once you have the OpenSSH.pkg installed, get a hold of Putty
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Once you get this set up you should disable telnet on your RAQ.
Right. PuTTY is fairly good free software (I also like SecureCRT [1]
which is not free) for replacing telnet with SSH. Roger, I definitely
concur with the suggestion of replacing telnet (insecure) with SSH
(secure).
Bob, sadly, PuTTY doesn't really seem to have a good SFTP client. It's
all commandline (unless there's a new version I don't know of). As the
question -was- specifically directed toward secure FTP access, I'd be
interested in any other suggestions you have applicable to that question.
I hope I don't sound -too- much like I'm thrashing a dead horse, but one
of the major problems in getting end users and clients to be actually
security-minded is the lack of good software that encourages it. As I
mentioned, I really like Dreamweaver, but it doesn't have any secure FTP
options... nor does FrontPage (iirc). Disabling telnet is all well and
good, but as long as people are using vanilla FTP, passwords are still
going in the clear.
Lillith K. Lesanges
Sysadmin/Programmer, MIS, Inc. http://www.misinc.net/
[1] http://www.vandyke.com/ Their motto is "Software that works" and
for Windows software, their success at working software is definitely an
achievement. It will also do some file upload/downloading, unless I
misrecall.