Use of FTP is deprecated, server guide should point to SFTP
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Server Guide |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The page for FTP on 10.10
https:/
should have a mention of SFTP at the very top and point the users to a page, or contain a paragraph at the start, on setting up SFTP (which consists only of installing the package 'openssh-server')
There is a very fine page on setting up FTP for Ubuntu, but it is out of date by failing to mention SFTP. Lots of users are finding the FTP guide and struggling through the old instructions to get the FTP server configured and turning to the Forums for help, when actually SFTP would be easier and more appropriate. FTP is both difficult and insecure. By following the guide, the users are making their systems vulnerable. Users, especially novices, should be steered to SFTP instead. See these links for more discussion:
http://
http://
For clients, there are SFTP clients built into Nautilus, Dolphin and FileZilla, to name just three. As far as I can tell even Kate has SFTP support.
Related branches
- Peter Matulis: Disapprove
- Doug Smythies: Needs Fixing
-
Diff: 661 lines (+264/-117) (has conflicts)9 files modifiedlibs/global.ent (+14/-0)
libs/legalnotice.xml (+5/-0)
libs/ubuntu-banner.xsl (+1/-1)
serverguide/C/backups.xml (+6/-0)
serverguide/C/file-server.xml (+55/-27)
serverguide/C/network-config.xml (+13/-7)
serverguide/C/remote-administration.xml (+113/-60)
serverguide/C/web-servers.xml (+56/-21)
serverguide/C/windows-networking.xml (+1/-1)
- Jim Campbell (community): Needs Fixing
-
Diff: 650 lines (+254/-126)9 files modifiedlibs/C/legalnotice.xml (+1/-1)
libs/global.ent (+8/-8)
libs/ubuntu-banner.xsl (+1/-1)
serverguide/C/backups.xml (+6/-0)
serverguide/C/file-server.xml (+55/-27)
serverguide/C/network-config.xml (+13/-7)
serverguide/C/remote-administration.xml (+113/-60)
serverguide/C/web-servers.xml (+56/-21)
serverguide/C/windows-networking.xml (+1/-1)
- Peter Matulis: Approve
-
Diff: 97 lines (+35/-25)1 file modifiedserverguide/C/file-server.xml (+35/-25)
visibility: | private → public |
security vulnerability: | yes → no |
affects: | ubuntu-docs (Ubuntu) → serverguide |
Changed in serverguide: | |
importance: | Medium → Undecided |
Changed in serverguide: | |
status: | Fix Committed → Fix Released |
This is not a security vulnerability and FTP is not deprecated. FTP is still very useful as a means to transfer files to anonymous users (instead of just HTTP) See ftp://ftp. mozilla. org/pub/ mozilla. org/firefox/ releases/ for example.
On the other hand, I agree that SFTP should be discussed in the server guide. You're welcome to try writing a guide to setting up SFTP which could be included in the 12.04 edition.