North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: FTP with authentication to RADIUS

  • From: Roeland Meyer
  • Date: Fri Jan 05 16:16:11 2001

> From: Steve Sobol [mailto:[email protected]]
> Sent: Friday, January 05, 2001 12:35 PM
> "Brian W." wrote:
> > scp is also a possibility, its usage is a bit cryptic, but it is an
> > option..

> But it requires an active shell account on both ends.
> Ain't no way I'm granting shell access to anyone who doesn't 
> specifically
> ask for it. Actually, I'm picky about granting it even to 
> people who DO
> ask for it.

This pretty much reflects the attitudes of most of production Unix admins. I
don't do it here either. The only shell accounts, on production hosts, are
admins and I force most of them to use sudo. Very few (2) have root access
here. We've also killed telnetd and ftpd (as in; deleted, never to be used,
period). If we have a customer that needs to upload files, we write a
special applet for them and make them use a web browser.