[CentOS] vsftp question ?
John R Pierce
pierce at hogranch.com
Sat Sep 22 08:02:24 UTC 2007
Indunil Jayasooriya wrote:
> I want to setup vsftp on centos 4.5. 2 types of ftp. they are active
> and pasive. What is the default type ftp type o CentOS ?
> Is is PASIVE ftp?
> in /etc/vsftpd/vsftpd.conf, I found below line. What should I do for
> below line?
> # Make sure PORT transfer connections originate from port 20 (ftp-data).
> Should I COMMENT it out? I need a very secure ftp service.
'very secure' and 'ftp' don't go together.
passive vs 'active' has no impact on 'security'. the choice of passive
vs active is strictly at the clients whim after authentication, and
unless you have control over all clients and their transfer modes, you
should support both to be RFC compliant.
FTP is inherently an insecure protocol as it sends the user credentials
in plain text.
More information about the CentOS