IETF-SSH archive


Re: avoiding reinventing the wheel on file transfer.



I see two problems with simply redirecting ports to use the
existing ftpd:

1.  One of the major reasons to run sshd is to be able to shut
down telnetd and ftpd, not only because of cleartext logins
but also because they have been prone to security bugs.  Yes,
one could perhaps arrange for ftpd to listen only on localhost,
but there is still the possibility of privilege escalation via
a buggy ftpd.

2.  The two-connection model for file transfer has not, in retrospect,
worked out well.  (IMHO)

Barney Wolff


