|
|
Possible security issue with the use of 'ps'
The solution is simple. Just don't use FTP. Use sftp or scp
Possible security issue with the use of 'ps'
I can't believe that people actually specify FTP options on
Hmm...
When I use "ftp someserver," it seems to default to "anon" and "email@host" as the username/pass. On my server, where anon is disabled, I can't connect without using a .netrc or specifying it on the command line (which I never do). So i just use a graphical client instead ;-)
Hmm...
Well, you could just type:
ftp
You'll then be in the ftp application and get the ftp>
prompt. At the prompt, type:
It'll then log on under your username and request your
password.
Hmm...
Well, you could just type:
ftp
You'll then be in the ftp application and get the ftp>
prompt. At the prompt, type:
It'll then log on under your username and request your
password.
Hmm...
another idea to try out would be to simply run ftp from the command line without any specific parameters. Once you see the "ftp>" prompt, you can connect to machines via the command: "open someserver.com"
Hmm - use 'ftp someuser@yourdomain.com'
If you want to login as a specific user just do this:
You'll be asked for someuser's password, rather than trying to login as your local account name. No need to specifiy the user and password - user by itself is fine. It will ask for what you leave out.
Possible security issue with the use of 'ps'
There are plenty of reasons why you would want to specify credentials in a non-interactive fashion. If you want to automate the up/downloading of files, you certainly don't want to have to enter things by hand. Some programs that run on the command line will allow you to specify a file to grab credentials from (smbclient is an example of this). Some do not. A little bit of Perl can get around this, but it's not trivial if you don't know Perl (and I'm sure there are other solutions). Check the man pages (man command) to see if the command you're using supports something like this. In general, if you have multiple users on your machine, you should avoid any command-line that includes your username and (especially) your password in clear text. If you are the only user, it's not a big deal. Mr. Sharumpe |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.08 seconds |
|