Subject: Re: additional authentication for ftp
To: None <>
From: Greg A. Woods <>
List: current-users
Date: 08/02/2000 20:38:41
[ On Wednesday, August 2, 2000 at 18:44:50 (-0500), Peter Seebach wrote: ]
> Subject: Re: additional authentication for ftp 
> I'd love to have a "secure" ftp.  90% of the time when I use scp (or cat |
> ssh) to send files, it's just because I'm worried about the *password*.

If you worry about someone seeing your password then you should also
worry about other kinds of man-in-the-middle attacks that can often be
relatively trivial against plain TCP circuits -- i.e. you should worry
about the integrity of the files you transfer too!  (And no you can't
even rely upon a signature file for independent corroboration if the
cracker is really that determined!)

							Greg A. Woods

+1 416 218-0098      VE3TCP      <>      <robohack!woods>
Planix, Inc. <>; Secrets of the Weird <>