We have a web development company and have FTP credentials for over 300 customers. Is there a method to provide access to employees without giving them the username and password? Kind of how credit card vaults exist that are PCI compliant, and the web application has a reference to the card rather than the number and information to transact future transactions. Would there be such an alternative for FTP accounts?
- Stop using FTP, it's horribly insecure. Every System Administrator on the Internet is making this face at you right now:
ಠ_ಠ
- Employees, using SFTP or FTPS, shouldn't be chrooted. So customers are chrooted to their customer folder, but employees can access any folder, or perhaps the employees can access the parent folder of the customers' folders if you want a bit of security against your employees there.
- OR use an entirely different method for your employees, like CIFS or NFS.
Customer credentials should not be known to anyone in your company. It's entirely unnecessary and a security risk.

Chris S
- Additionally, if you take the time to properly configure `sftp` (or any other SSH-based system) to use public keys, preferably [stored in LDAP or managed through some other central system](http://code.google.com/p/openssh-lpk/), you can revoke access quickly and easily. While you might not be able to get your customers to give up FTP, your *employees* should be forced to do so at your earliest convenience. – voretaq7 Aug 27 '12 at 15:01
- Thanks for the info, it's not my company but it's a place I work; I just wanted to ask the question quickly. What are some reading materials I can get into so that I can change the way things are done here? Also, what can I do about DB credentials inserted into config files by employees, rather than having to change them every time an employee leaves the company? What is a more secure method? Thanks – Exploit Aug 28 '12 at 23:55
- @SarmenB. Reading up on [SSH/SFTP](http://shop.oreilly.com/product/9780596000110.do) and [LDAP](http://shop.oreilly.com/product/9781565924918.do) would be a great start. SSH isn't too bad to pick up, LDAP (which allows for centralized authentication) is more complicated. The DB credentials should have long random passwords (16+ characters), so employees can't easily remember them. There's not much way around storing credentials in most environments, but some methodologies are smarter than others. You have to be able to trust employees to a realistic degree. – Chris S Aug 29 '12 at 02:12
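A concrete sketch of the layout recommended in the answer and in voretaq7's comment (customers chrooted into their own directory, employees key-only and not chrooted), added here as an example that is not part of the original thread and not OpenSSH's own code. The group name `sftpcust` and the `/srv/sftp/<username>` path are assumptions; the audit function checks the ownership and mode rules sshd enforces on a `ChrootDirectory`.

```shell
#!/bin/sh
# Added example (not from the thread above or from OpenSSH): the two-tier SFTP
# layout the answer describes, plus an audit of the customer chroot directories.
# Assumptions: customers are members of group "sftpcust", employees are not,
# and each customer's home is /srv/sftp/<username>.

# sshd_config fragment (Match blocks must come last in the file): customers are
# confined to their own directory and may keep using a password; employees get
# the global settings, so they must present a key and are not chrooted.
sshd_sftp_config() {
    cat <<'EOF'
Subsystem sftp internal-sftp
PasswordAuthentication no
PubkeyAuthentication yes
Match Group sftpcust
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp
    PasswordAuthentication yes
    AllowTcpForwarding no
    X11Forwarding no
EOF
}

# sshd refuses a chroot whose directory is not owned by root or is group- or
# world-writable (the customer writes into a subdirectory they own instead).
check_chroot_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "$dir: missing"; return 1; }
    set -- $(ls -ldn "$dir")           # $1 = mode string, $3 = numeric owner uid
    [ "$3" -eq 0 ] || { echo "$dir: owned by uid $3, must be root"; return 1; }
    case $1 in                          # char 6 = group write, char 9 = other write
        ?????w*|????????w*) echo "$dir: group/world-writable ($1)"; return 1 ;;
    esac
    return 0
}

# Audit every customer directory under the given root; non-zero if any fails.
audit_customer_dirs() {
    rc=0
    for d in "$1"/*/; do
        check_chroot_dir "${d%/}" || rc=1
    done
    return $rc
}

# Usage: sh sftp-tiers.sh /srv/sftp (prints the config, then audits the dirs).
[ $# -gt 0 ] && { sshd_sftp_config; audit_customer_dirs "$1"; }
```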