asked on

Secure FTP

I have a linux server (enterprise edition). Currently have vsftpd setup and running. I need the FTP sesssion that is established to be encrypted from our server to other vendors. What do I need to do to setup a secure FTP server that vendors can send information back and forth to us?

chris_calabrese

Although vsftpd supports FTP/SSL, most other FTP implementations do not (or at least most sites don't have it configured to work even if the underlying FTP server does support it). Plus most FTP clients don't support it either.

Therefore I would not recommend relying on FTP/SSL for securing connections to multiple business partners.

Other options to look at are:
1. Open-text FTP, but PGP-encrypt/sign the data.
2. Open-text FTP over VPNs
3. Web app that lets you do uploads and downloads and runs in an HTTP/S session
4. XML/SOAP/SOA type web app under HTTP/S

nls73m

ssh and windows secure copy?

Dushan Silva

Use OFTP.

BR Dushan

m1tk4

As a matter of fact, there is a number of clients that support FTPS (or FTP with AUTH command and SSL encryption of password and/or data):

http://www.ford-hutchinson.com/~fh-1-pfh/ftps-ext.html#client

Gabriel Orozco

Enable SSL on your vsftp and give this program to your users:
http://winscp.net/eng/index.php

winscp is freeware and works pretty well for our clients

however, I use it along with ssh and a restricted shell:
http://freshmeat.net/projects/rssh/
http://freshmeat.net/projects/scponly/

ASKER CERTIFIED SOLUTION

kanwalzeet

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Kelly Black

kanwalzeet has the right idea.

Gabriel Orozco

yep

the same idea I posted before 8-)