Hi, you can use scp whitout interactive authentication.
Cordial saludo,
Ing. Gustavo Paredes M.
Security Consultant - CISSP
Internet Solutions Colombia
"The Information Security Experts"
http://www.internet-solutions.com.co
gustavo.paredes@internet-solutions.com.co
Phone (movil):(300)2089644
Phone (office):(091)3120910 ext 12
CONFIDENCIAL. La información contenida en este e-mail y cualquier archivo
anexo es confidencial y sólo puede ser utilizada por el individuo o la
compañía a la cual está dirigido. Si no es usted el destinatario
autorizado, cualquier retención, difusión, distribución o copia de este
mensaje está prohibida y es sancionada por la ley. Si por error recibe este
mensaje, le ofrecemos disculpas y le agradecemos reenviar el mensaje al
emisor original y eliminarlo de su inbox inmediatamente.
----- Original Message -----
From: "Vicky Rode" <aptgetd@gmail.com>
To: <security-basics@securityfocus.com>
Sent: Monday, June 27, 2005 3:18 PM
Subject: securing communication channel (FTP) - Need Suggestions
Hi,
I'm looking at ways trying to secure communication channel (file
transfer to be specific) which occurs between my master (ftp
downloads)/slave (remote clients) FTP servers. Since this communication
channel is in the clear which means anyone listening can acquire the
login credentials. Not to mention man-in-the middle attack.
I'm currently pondering using one of the following options and was
wondering if anyone could provide their thoughts and feedback (pros/cons):
(1) Secure FTP (SSL:FTPS)
- Any pitfalls I need to be aware of from a setup/implementation
standpoint?
- How would the authentication to MySQL user database work?
(2) Secure HTTP (https)
- Any pitfalls I need to be aware of from a setup/implementation
standpoint?
- How would the authentication to MySQL user database work?
(3) a. Scp:
b. Sftp: Is it an interactive program? Does it provide
non-interactive authentication?
Any pointers will be greatly appreciated.
regards,
/vicky
