Comments on: Ubuntu 9.10: Chroot Jail for FTP

By: mike

mike — Tue, 27 Oct 2009 16:59:00 +0000

You are right about the FTP security. However, many people use it regardless. If you use SSL to protect FTP it can be a useful tool.

JohnP — Tue, 27 Oct 2009 12:02:43 +0000

Why do people still use FTP? Having a password in the clear isn’t very smart, even with internal networking.

sFTP, scp, and all sorts of other encrypted file transfer methods exist.

We all need to stop enabling FTP anywhere unless it is pull and doesn’t use a password – basically use FTP like an anonymous web site.

Francois — Tue, 27 Oct 2009 02:15:22 +0000

Well, ok, but just in case someone had missed it:

do NOT use ssl-cert-snakeoil

This certificate is for testing purposes and the private key publicly available…

Ubuntu Training: Virtual FTP Accounts with MySQL | Server Training Blog — Fri, 23 Oct 2009 10:58:44 +0000

[...] Ubuntu 9.10: Chroot Jail for FTP [...]