Which is worse -- Client shell access, or Client FTP?

I seem to have come to an awkward spot. I would rather not give shell access to all clients. And I would rather have clients only upload files using secure means.

Yet it appears that -- at least on my windows machine -- if I try to use the secure methods WinSCP or SSH, they will only connect if I've granted the account shell access.

This seems like a forced choice between poor security to the left, or poor security to the right.

My office machines are still Win95, so cannot test the WS_FTP in this regard. Current versions can do SSH, but will not run on Win95.

Does anybody know a way to transfer files securely, to an account which does not have shell access?

If not, and I must choose one of these two evils, which path is the lesser evil?

 

 

 

 

Top