The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing FTP: SafeTP

Discussion in 'General Discussion' started by matt621, Oct 17, 2004.

  1. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
  2. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    You can use FTP over SSL. This will encrypt your data. :)

    Most modern day FTP clients support it.
     
  3. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    and how would one go about setting that up?

    thanks
     
  4. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    It's already set up in the FTP daemon if you are using ProFTPd (or the latest PureFTPd RPM)

    As for how you do it in your client, check out the FTP client help pages, different for every client.
     
  5. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    Well therein lies the problem, and that's why I started with the question about SafeTP. I can't expect my clients to learn how to setup Secure FTP. Its' all I can do to get them just to d/l and install an ftp client.

    So that's why I want to go the SafeTP method.
     
  6. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    SafeTP hasn't been updated in 3 years. There's a reason projects die.
     
  7. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    That's true, but those reasons don't usually have anything to do with the value of the project. People get married, have kids, graduate, move, get another job, etc.

    But the bottom line is that I can see a need for this product. If you don't fine. I'll just try to find either someone who uses it and knows the ins and outs, or I'll find a similiar product.
     
  8. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    You need to let your users off of a leash. If they want security, teach them to enable FTP over SSL. It'd take what, 3 minutes?

    If I'm not mistaken, doesn't the SafeTP program require you to install a program on your windows PC too...it probably takes more time. Then they have to make sure it's started, etc etc.
     
  9. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    I've been in the hosting business since 1997. About 5% of my users are savvy enough to setup something like what you propose. About half the users want to use FP. I try to talk them out of it, but still at least 25% of our users use FP to create their site. Another 10% or so use other automated systems. That's the real world. The rest use traditional FTP.

    SafeTP is a 3 minute download and a single click to install. NOTHING else has to be changed. It's self configuring and it works.

    The other way is asking them to download and use an unfamiliar program, and on top of that configure it. Maybe your users are different from ours, but it will never fly.

    I thank you for your help, but candidly, I don't think you get it.
     
  10. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    *shrug*

    To each his own :)

    None of my 2000+ resellers/clients have had problems with it...they all seem to have figured it out. Admittingly the basic shared hosting clients aren't quite as keen with hosting as the resellers have to be...but we've never had a problem...

    Enjoy SafeTP but I don't see cPanel ever using a project that's been dead 3 years and is rather redundant to a feature already built into the ftp daemons. (and if they did, I would highly object to the bloat.)
     
  11. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    The SafeTP project looks interesting. Unfortunately it requires the installation of a completely new ftp server daemon on the server side. This is not supported by cPanel, and even if it could be made to work would defeat some of the purpose of cPanel itself as you would have to go behind every new account setup and do clean-up and configuration.

    I am not aware of any other 'transparent' solutions that would compete directly with SafeTP, and I am not aware of any other FTP daemons that have adopted the SafeTP protocol. Most seem to have adopted SSL and/or SSH support to meet the need of secure communications. If something similar to SafeTP were to emerge today, I imagine it would take advantage of one of those protocols in its implementation.

    I would caution against using a project that has been abandoned for so long (freshmeat says 3 years 2 months). Of course, hosting production servers for over 7 years you should not need me to tell you that. There is at least one known security issue that has surfaced since the last update, and who knows how many more exploits may be relevant to this software.
     
Loading...

Share This Page