FTP with authentication to RADIUS

Roeland Meyer rmeyer at mhsc.com
Fri Jan 5 21:13:07 UTC 2001


> From: Steve Sobol [mailto:sjsobol at NorthShoreTechnologies.net]
> Sent: Friday, January 05, 2001 12:35 PM
> 
> "Brian W." wrote:
>  
> > scp is also a possibility, its usage is a bit cryptic, but it is an
> > option..

> But it requires an active shell account on both ends.
> 
> Ain't no way I'm granting shell access to anyone who doesn't 
> specifically
> ask for it. Actually, I'm picky about granting it even to 
> people who DO
> ask for it.

This pretty much reflects the attitudes of most of production Unix admins. I
don't do it here either. The only shell accounts, on production hosts, are
admins and I force most of them to use sudo. Very few (2) have root access
here. We've also killed telnetd and ftpd (as in; deleted, never to be used,
period). If we have a customer that needs to upload files, we write a
special applet for them and make them use a web browser.




More information about the NANOG mailing list