[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Re: FTPS recommendations?]
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: [Re: FTPS recommendations?]
- From: sebastian_(_dot_)_rother_(_at_)_jpberlin_(_dot_)_de
- Date: Tue, 2 Aug 2005 19:47:47 +0200 (CEST)
> another potential problem with FTPS vs. SFTP is
> firewalling. SFTP needs just one port, FTPS needs
> several, as its really just 'good' ole ftp. And I
> would certainly be curious how you would proxy an
> encrypted ftp connection....
You're right but there's no official Solution for SFTP.
And who wanna use a non-official patch?
I've not the time to review them and I guess most of the guys here don't
have the time either. :-/
And you're absolutly right. If you provide FTPS you also provide all the
security problems related to the FTP-Protocol.
But better touse stunnel and the ftpD (or another ftpD with build in
support of SSL) as to risk to get compromised by any "SSH"-Patch.
Btw: Because providing anon-SFTP-Acces:
In a time where mostly everybody is observed just because any
anti-terror-law in any country I think it's also importent to secure even
anonymous-provided Services like e.g. "Anon-SFTP".
I wont have the feeling that everybody reads my mail even everybody can
know that I send an e-Mail to e.g. my grand-mother.
That is just my oppinion.
And that's why I personaly would be happy to get such a
"official"-SFTP-only "hack" even I can't do it myself. Maybe the chance
that OpenSSH gets an own official RFC grow up if the protocol itself
spreads more and more. :)
Because as far as I know there's no official RFC.
Visit your host, monkey.org