From owner-freebsd-security Tue Jan 5 17:22:31 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA18636 for freebsd-security-outgoing; Tue, 5 Jan 1999 17:22:31 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from top.worldcontrol.com (snblitz.sc.scruznet.com [165.227.132.84]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id RAA18615 for ; Tue, 5 Jan 1999 17:22:27 -0800 (PST) (envelope-from brian@worldcontrol.com) From: brian@worldcontrol.com Received: (qmail 1904 invoked by uid 100); 6 Jan 1999 01:34:25 -0000 Date: Tue, 5 Jan 1999 17:34:25 -0800 To: Wes Peters Cc: Gustavo Vieira G C Rios , freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Security Message-ID: <19990105173424.B1875@top.worldcontrol.com> Mail-Followup-To: Wes Peters , Gustavo Vieira G C Rios , freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG References: <36925FC2.12EC490F@netshell.vicosa.com.br> <36929E8A.1515AD1E@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95i In-Reply-To: <36929E8A.1515AD1E@softweyr.com>; from Wes Peters on Tue, Jan 05, 1999 at 04:21:46PM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Gustavo Vieira G C Rios wrote: > > Hi, folks, i am trying to increase my system security, but the main > > problem i would like to solve is: On Tue, Jan 05, 1999 at 04:21:46PM -0700, Wes Peters wrote: > For email, require your users to use IMAP or POP3 with APOP. Both feature > encrypted password access. > > For file transfer, disable your FTP server and make your users use scp. > If they have ssh setup, scp should work just fine. If your users have access to ssh and are running unix-like OSes, I've written some scripts which use ssh and movemail to fetch email. I call the scripts fmail. I got tired, even with ssh redirected POP, of the time and slow handshaking of the POP protocol. Now I get full speed (bandwidth) delivery of my email via an encrypted and compressed channel. Myself and one other person have been using the scripts for months. fmail requires (well not exactly) passwordless ssh entry into the system with the mail. Basically requires that you copy localhost:~account/.ssh/identity.pub to mailhost:~account/.ssh/authorized_keys -- Brian Litzinger To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message