On Mon, 6 Apr 2009, ecrist at secure-computing.net wrote: > SFTP doesn't require a real shell. With mysql or LDAP back ends, you > don't need to put the user entries in the password file. I'd recommend > using your standard password file and set the shell to /nonexistent or > scponly (there's a package for that one). What does it mean to use "mysql or LDAP back ends" for sftp? When a connection comes to port 22, then what happens? I'm asking because I don't know. I would assume there is a username/password kind of exchange and a connection is made. Is the sftp/mysql scheme better than using secure http so that users can connect using a web browser? Mike