Roger Taranto wrote:
I've just upgraded to FC2, and I'm trying to figure out who to handle a
security access situation. I would like to keep the security on the machine
pretty high since I use it as a firewall, but I also would like to give
access to a friend to update a web site hosted on the computer. She would
be coming in via FTP (for example, DreamWeaver), but is using a cable
connection and therefore won't always be tied to the same IP address.
How do I keep security tight while still allowing her to connect to update
the web site?
Thanks,
-Roger
As a firewall it is a mistake to allow any outside access to services
that authenticate without encrypting. So ftp access is a really bad
idea. Your best option might be webDAV over ssl. It can be configured
on your web server be id/password restricted, and use a test certificate
you create for ssl encryption. Another secure alternative is scp, but
then you have allowed the person shell login access using ssh as well.
If that is not necessary, use the webDAV over ssl.
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
