Joe Dunning wrote:
>
>
> On Tue, 22 Apr 2008, ThreeStar wrote:
>
>>
>> Better security is better, even if it's not the best security
>> (whatever that means). SCP fits the simple scenario the poster laid
>> out, and avoids sending login credentials over the Internet in clear
>> text like FTP does.
>
> There are FTP implementations available that support encryption. They
> won't work through many firewalls, but as long as only one end has an
> external firewall, they can be used.

Most of them are not, in fact, FTP. 'sftp' is one such, and it's basically SCP
with an interface, suffering most of the flaws of SCP and rcp access. The
interface is far less flexible than FTP, it normally has no chroot capability
and thus no way to restrict clients from browsing the rest of the filesystem,
and it mishandles symlinks.

These are reasons that I like WebDAV over HTTPS: it has most if not all of the
features of FTP, it runs on the HTTPS port, and is easily implemented with a
basic Apache installation with a great deal of flexibility.