Re: FTP Replacement (SSH?)

[David <dcorking () yahoo fr>]

Hi Chris!

On Wed, 10 Sep 2003, Chris Decker wrote:
 
> I'm interested in using some type of secure replacement for FTP, such as
> SSH.  The only problem is that I'm running Windows 2000 Advanced Server.
>
> Also, if there is a way to get SSHD running (Cygin?), 

There is - if you google on cygwin (spell it right) you will find
install instructions.  (Probably even in the archives of this list.)

Select the openssh package in the cygwin installer.

> is there a way to
> set it up to use Windows 2000 Authentication, 

by default it uses the Windows password, but the public keys are even nicer.

> and allow every user access
> to a "home" directory, which in my case I would want to be their
> sub-directory in my Inetpub directory.

I don't see why not but I haven't played with that.

> I'm really looking for a free solution, but would consider anything
> within a reasonable price-range.

OpenSSH has an X11-type license and Cygwin is GPL - so you are free to
recompile and redistribute.  How much are you willing to pay for that
freedom?

ssh is not as secure as some think if you don't trust your users to
protect their passwords.  Even if you only use scp or sftp, I
understand you are effectively giving authenticated users a shell
account - with all the trust and locking down that implies.


---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------