[BlueOnyx:15930] Re: FTPs & firewall

[Michael Stauber]

Hi Maurice,

> I believe ssh ftp is currently not supported by the gui. 
> 
> @Michael: any chance this would be possible in the future?

We do support FTPS and SFTP. That is as good as it will get.

SCP is possible when the account in question has shell enabled. So you
can already use that.

I had once looked into providing an "SCP only" option, which would allow
SCP file transfers, but not SSH logins to execute commands. This is
possible via the extension SCP-only-shell, but it's a bitch to set up.

If SFTP and FTPS work, then why would you need SCP, too? The only
benefit it has is that it's 100% encrypted: Both login and data
transfer. But you also get that with SFTP. Simply turn off the
unencrypted FTP and force your FTP users to use the secure FTP protocols
instead.

At the end of the day it's the same with Email: As long as you have
people using POP3 and IMAP (without SSL) who login every minute and
transmit their login details in the clear it doesn't make sense to limit
those few and very infrequent file transfers to SCP. That contributes
nothing extra to security.

-- 
With best regards

Michael Stauber