Starting with gnupg

Faramir faramir.cl at gmail.com
Mon Aug 4 09:25:34 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen escribió:
> Faramir wrote:
>> If he is using ftp to upload the files... standard ftp sends username
>> and password unencrypted... so it could be sniffed...
...
> telnet and ftp are antique protocols that have much better replacements
> available to them.  ssh, scp and sftp are all in common usage nowadays.
>  Anyone who uses telnet or ftp for any kind of sensitive information is
> living dangerously by deliberate choice.

  Some servers are hard to configure to use sftp (if possible at all)...
as an example, a friend of me asked me to enable SSL in his server (I am
not sure if it is a virtual server or just a virtualhost, but I am sure
it has shared IP). When I tried to install the certificate... I realized
it couldn't be done without having to pay an extra monthly fee to get
our own IP. Without it, we are stuck to the "common" certificate
extended to all the hosts in that IP, and I am not sure if it is
trustworth at all... so sometimes, it's not by choice... or because they
don't know how to configure these services. About what is "sensitive
information", some people have fun by stealing somebody's email and
closing it... but of course if we talk about a file containing the
credit card number of your customers, then that is info is worth hiring
somebody to set up security before something bad happens...

 Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJIlq7uAAoJEMV4f6PvczxA8kgH/RETG81rnkAkAStQI9xyxd5x
EmKpNDvoVxyxNh1weOhbZ/ehjNsWvfFXTgq5qj/MnuAmZffvGdKB11Dn6VETHMve
UA65N+gB1/wAL0NSKuKDyYDMm3h1B/EIcO28sLe+M4sjakKTQq7RMvvoDIHEuJyx
GXVHMJ4DKQVEnoMEAxq75qSI9LD0H5NSybPdhWCAQrnMUhRwp74h7RKjVp19n/Er
jVzT/7fFplb6btCACmrIZIGenBxjCK4qka/nGNDxVMuVuJR5DzI/qBg44VZk92Wz
/jMvzu1bWph8GdFkjWcTOXEXJEq/Ypwhg3Y56qxFnzTPVnDiANBBOQeHAwv+K4U=
=qIVx
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list