Aidan Cully <aidan@kublai.com> writes:

> Have you looked at rfc 2228?

This is definitely the way to go. I was looking at this some time ago
(having already done this for older BSD ftp source), but never
actually started working on it. There are some hard-to-deal-with stuff
going on in the ftpd.

But to my knowledge there is no simple APOP-like authentication
mechanism defined for FTPSEC, but it would be trivial to create one.

/Johan