Translations:FTP server in the Cloud/3/en

From Alliance Doc
Jump to navigation Jump to search
  • If you are considering anonymous FTP...
    • ...for read-only access : Use HTTP (see Creating a web server on a cloud).
    • ...for read/write access: The security risks of accepting anonymous incoming file transfers are very great. Please contact us and describe your use case so we can help you find a secure solution.
  • If you plan to authenticate FTP users (that is, require usernames and passwords)...
    • ...a safer and easier alternative is SFTP.
    • Another alternative is FTPS, which is an extension of FTP which uses TLS to encrypt data sent and received.

When authenticating users via passwords, the transmitted data should be encrypted or else an eavesdropper could discover the password. We strongly recommend that you not allow password logins to your VM, as automated brute-force attempts to crack passwords can be expected on any machine connected to the internet. Instead, use ssh-key authentication (see SSH Keys). SFTP can be configured to use ssh-key authentication.