[Zope] ssh (more)

[Lennart Regebro]

From: "Robert Hood, Ph.D." <rhood@mtsu.edu>
> I've been advised by security people on my campus to shut down normal ftp
> and telnet access to my server if possible and to use sftp and ssh for
> access.

Ah, yes, that is something you are well adviced to do.
However, ftp access to Zope is not "normal" ftp access. :-)

> I currently sometimes ftp things to zope.  I do not have any
> packages installed that give zope file system access, so I don't really
> think zope's ftp port would be a security hazard

Quite correct.

> (and my own view is that
> my machine does not have any national security type stuff on it, so that
> this request may be going a bit far).

Oh, hackers gaining access to secret data is not a very big security
problem. The problems are that they use your machine to make attacks on
other machines, spread copyrighted data, send spam e-mails, and so on.

> Suggestions appreciated.

I'm sure it is possible to implement sftp too, but I would think it is quite
a lot of work, for very little gain, so probably you have to do it
yourself...
Oh, and you can run the ftp on a non-standard port, and your security people
probably won't find it. :-)