On Wed, May 25, 2022, at 10:30 AM, Dustin Hayes wrote:
> 
> What Michael is trying to tell you is that you're confusing "sFTP" and "FTPs", 
> these are two very different protocols which have nothing to do with each 
> other (think beta vs vhs).
> 
> sFTP is "ftp tunneled through the SSH interface" and runs on TCP/22.  Getting 
> that functional is a conversation covered in the USS books, check out the SSH 
> section.
> 

The first sentence is true, but the second is probably misleading.

"SFTP" / "sFTP"  aka "SSH/SFTP" is not the FTP protocol tunneled through an SSH 
interface.  Not even a little.   The SFTP packet layer that runs over an SSH 
channel is this:

https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13

SFTP resembles "FTP" only as far as many SFTP clients have a command language 
that is somewhat similar to FTP.  If you look at the SFTP protocol layer, it 
is semantically close to the low level Unix file API.  Here are the SFTP 
protocol packet types (with some interesting twists):

       SSH_FXP_INIT                1
       SSH_FXP_VERSION             2
       SSH_FXP_OPEN                3
       SSH_FXP_CLOSE               4
       SSH_FXP_READ                5
       SSH_FXP_WRITE               6
       SSH_FXP_LSTAT               7
       SSH_FXP_FSTAT               8
       SSH_FXP_SETSTAT             9
       SSH_FXP_FSETSTAT           10
       SSH_FXP_OPENDIR            11
       SSH_FXP_READDIR            12
       SSH_FXP_REMOVE             13
       SSH_FXP_MKDIR              14
       SSH_FXP_RMDIR              15
       SSH_FXP_REALPATH           16
       SSH_FXP_STAT               17
       SSH_FXP_RENAME             18
       SSH_FXP_READLINK           19
       SSH_FXP_LINK               21
       SSH_FXP_BLOCK              22
       SSH_FXP_UNBLOCK            23

       SSH_FXP_STATUS            101
       SSH_FXP_HANDLE            102
       SSH_FXP_DATA              103
       SSH_FXP_NAME              104
       SSH_FXP_ATTRS             105

       SSH_FXP_EXTENDED          200
       SSH_FXP_EXTENDED_REPLY    201


Kirk Wolf
Dovetailed Technologies
http://dovetail.com

PS>  z/OS OpenSSH doesn't use AT-TLS.    It can directly use ICSF calls or 
direct CPACF instructions for Ciphers and Macs.  SSH (the SSH2 RFC) doesn't use 
TLS handshaking either.    Maybe that's why the many SSL/TLS bugs haven't 
applied :-)
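
The packet framing defined in the draft linked above (uint32 length, one type byte, then a uint32 that is a version for INIT/VERSION and a request-id for everything else), shown as an added Python example that is not part of the original message or of any SSH implementation. The function names, the `MAX_PACKET` cap and the sample bytes are assumptions made for this sketch.

```python
import struct

# Type numbers copied from the list in the message above (20 does not appear there).
SFTP_TYPES = {
    1: "INIT", 2: "VERSION", 3: "OPEN", 4: "CLOSE", 5: "READ", 6: "WRITE",
    7: "LSTAT", 8: "FSTAT", 9: "SETSTAT", 10: "FSETSTAT", 11: "OPENDIR",
    12: "READDIR", 13: "REMOVE", 14: "MKDIR", 15: "RMDIR", 16: "REALPATH",
    17: "STAT", 18: "RENAME", 19: "READLINK", 21: "LINK", 22: "BLOCK",
    23: "UNBLOCK", 101: "STATUS", 102: "HANDLE", 103: "DATA", 104: "NAME",
    105: "ATTRS", 200: "EXTENDED", 201: "EXTENDED_REPLY",
}
# Packets whose payload is exactly one SSH string, and what that string holds.
ONE_STRING = {4: "handle", 11: "path", 12: "handle", 13: "filename", 15: "path", 102: "handle"}
MAX_PACKET = 256 * 1024  # sanity cap chosen for this example, not a protocol constant

def frame(ptype, first, payload=b""):
    """Build one packet: uint32 length, type byte, uint32 version/request-id, payload."""
    body = bytes([ptype]) + struct.pack(">I", first) + payload
    return struct.pack(">I", len(body)) + body

def sstr(data):
    """Encode an SSH string: uint32 length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def decode_packets(buf):
    """Split a byte buffer into SFTP packets; return (packets, leftover_bytes)."""
    packets, off = [], 0
    while len(buf) - off >= 4:
        (length,) = struct.unpack_from(">I", buf, off)
        if not 5 <= length <= MAX_PACKET:  # type byte + uint32 is the minimum body
            raise ValueError(f"implausible SFTP packet length {length}")
        if len(buf) - off - 4 < length:
            break  # partial packet: keep the bytes until more channel data arrives
        body = buf[off + 4:off + 4 + length]
        ptype, (first,) = body[0], struct.unpack_from(">I", body, 1)
        pkt = {"type": "SSH_FXP_" + SFTP_TYPES[ptype] if ptype in SFTP_TYPES else f"UNKNOWN({ptype})"}
        # INIT and VERSION carry a version number where other packets carry a request-id.
        pkt["version" if ptype in (1, 2) else "request_id"] = first
        if ptype in ONE_STRING:
            if length < 9 or struct.unpack_from(">I", body, 5)[0] != length - 9:
                raise ValueError("string length does not match packet length")
            pkt[ONE_STRING[ptype]] = body[9:]
        packets.append(pkt)
        off += 4 + length
    return packets, buf[off:]

# Constructed client-to-server bytes: INIT, OPENDIR, READDIR, CLOSE, then a cut-off STAT.
SAMPLE = (frame(1, 6) + frame(11, 1, sstr(b"/tmp/demo")) + frame(12, 2, sstr(b"\x00\x07"))
          + frame(4, 3, sstr(b"\x00\x07")) + frame(17, 4, sstr(b"/tmp/demo"))[:6])
print(*decode_packets(SAMPLE)[0], sep="\n")
```

The decoded sequence reads like opendir/readdir/close on an opaque handle, with no FTP-style command or reply lines anywhere in the stream.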


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
