All round ftp server
Submitted by daryl on Mon 13 Aug 2007
| vsftpd |
   38% | 380 votes |
| proftpd |
26% | 269 votes |
| pureftpd |
10% | 101 votes |
| wu-ftpd |
1% | 15 votes |
| glftpd |
1% | 17 votes |
| ftp is dead |
19% | 195 votes |
| other |
2% | 21 votes |
| Total 998 votes |
<<< How do you get superuser privileges on machines you administer?
Which AV solution has your company chosen? >>>
One of the reasons I put this poll in was to see what everyone's first chice would be, for both personal and commercial environments. Especially for the non-techies out there. Would someone not have a ftp option available in a wan, or secure all clients using winscp........(utilising ssh)?? Thinking of installing vsftpd but would like to see how results go first........
[ Parent ]
At work we use vsftpd when we need FTP on a box, though most of the time we use SSH or NFS.
I do not use FTP on any of my boxes at home, I use SSH or NFS only. If I were to use FTP at home then I would also use vsftpd.
--
"It's Not Magic, It's Work"
Adam
I do not use FTP on any of my boxes at home, I use SSH or NFS only. If I were to use FTP at home then I would also use vsftpd.
--
"It's Not Magic, It's Work"
Adam
[ Parent ]
I found FTP much faster for moving big files.
I just start proftpd when I need large file transfer, otherwise I just use scp/nfs
I just start proftpd when I need large file transfer, otherwise I just use scp/nfs
[ Parent ]
Posted by dkg (216.254.xx.xx) on Tue 14 Aug 2007 at 21:31
[ Send Message | View dkg's Scratchpad | View Weblogs ]
[ Send Message | View dkg's Scratchpad | View Weblogs ]
I think FTP is dead. Any advantages it may have had over HTTP have been erased:
- apache 2.2 (among other web servers) supports large files (> 2GB) and more authentication, authorization, and encryption options than you can shake a stick at.
- HTTP can be used to support file uploads either via traditional POST methods (albeit with some encoding overhead) or via newer techniques like WebDAV. HTTP transfer rates can be transparently reduced for some data by compression negotiation between server and client.
- Depending on how you count/categorize these things, HTTP clients are probably the most widely installed class of software in the world.
[ Parent ]
Customers still ask for it, frequently. Apparently a lot of applications are still built around the FTP and lack support for protocols such as SCP. We're left with the choice of either providing the FTP service or losing the customer to a company that will still support it (and there are no shortage of them!). The "bother" of running ftp becomes much less so once you have a security policy developed around the known flaws.
[ Parent ]
I voted FTP is dead, although I'd rather have voted "FTP must die".
It is supported by us at work for uploading websites to our servers, and for uploading websites to other peoples servers, and the reason for this is that the alternatives aren't well enough developed, or widely deployed. Everyone who does website hosting providers FTP access, and so everyone expects it, all the website authoring tools can use FTP.
I have vsftpd and proftpd, and would suggest people stick with vsftpd unless they have very complex requirements. POST is not a viable replacement, you need manipulation of permissions for websites, so Webdav or similar.
For our own purposes we use ssh almost exclusively, with a little sshfs, and a lot of scp. But you don't want to offer shell access to end users most of the time (they would only mess up), and scponly isn't exactly ideal.
My biggest issue with FTP is plain text authentication, these days folks have very few issues with using it as the clients and servers all do the right thing. Sure compression would be nice, but in a webhosting environment it is 100's of downloads to every upload, so it really doesn't matter as we have bandwidth to burn in that direction.
It is supported by us at work for uploading websites to our servers, and for uploading websites to other peoples servers, and the reason for this is that the alternatives aren't well enough developed, or widely deployed. Everyone who does website hosting providers FTP access, and so everyone expects it, all the website authoring tools can use FTP.
I have vsftpd and proftpd, and would suggest people stick with vsftpd unless they have very complex requirements. POST is not a viable replacement, you need manipulation of permissions for websites, so Webdav or similar.
For our own purposes we use ssh almost exclusively, with a little sshfs, and a lot of scp. But you don't want to offer shell access to end users most of the time (they would only mess up), and scponly isn't exactly ideal.
My biggest issue with FTP is plain text authentication, these days folks have very few issues with using it as the clients and servers all do the right thing. Sure compression would be nice, but in a webhosting environment it is 100's of downloads to every upload, so it really doesn't matter as we have bandwidth to burn in that direction.
[ Parent ]
Posted by Anonymous (64.208.xx.xx) on Fri 17 Aug 2007 at 07:17
Yes, I also don't like plain-text authentication. That's why I installed pure-ftpd-mysql and configure it to allow only non-anonymous and only SSL/TLS... Simple ftp clients don't work with it, but Filezilla serves me well.
I would like to have some secure ftp server which could fully run in chroot under non-root account, but I didn't find any such package :-(
I would modify your statement to "insecure FTP must die"...
I would like to have some secure ftp server which could fully run in chroot under non-root account, but I didn't find any such package :-(
I would modify your statement to "insecure FTP must die"...
[ Parent ]
Posted by Anonymous (88.2.xx.xx) on Tue 21 Aug 2007 at 10:50
We want scp with resume support!! :)
Cheers.
Cheers.
[ Parent ]
"ftp is dead" shouldn't be an option, it should be assumed! :)
Unfortunately I find FTP to be the most reliable way to transfer files from Windows to Linux computers since Windows has built-in FTP support. vsftpd is my choice in those cases since its much easier to get up and running than Samba.
In the real world though I strictly use SSH/SFTP on the server and WinSCP/PuTTY for Windows clients.
Unfortunately I find FTP to be the most reliable way to transfer files from Windows to Linux computers since Windows has built-in FTP support. vsftpd is my choice in those cases since its much easier to get up and running than Samba.
In the real world though I strictly use SSH/SFTP on the server and WinSCP/PuTTY for Windows clients.
[ Parent ]