RE: FTPS? (was RE: SFTP?)
Thanks. That fits with what I already knew. Based both my own experience and yours regarding using SFTP over FTPS, it makes me wonder why whenever there's a request for FTP servers recommendation thread that it only includes servers that use FTPS. Do most people just not use the security? I haven't seen many private vendors requiring either FTPS or SFTP whereas here it's policy. I've been looking for an easy to administer server for home, but I want secured transfers so this interest isn't just academic. --- Kevin Graeme Cooperative Extension Technology Services University of Wisconsin-Extension > -Original Message- > From: Damien McKenna [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 11, 2005 10:46 AM > To: CF-Talk > Subject: RE: FTPS? (was RE: SFTP?) > > FTPS is a file transport layer on top of SSL or TLS. There > are number of options available with it and this can cause > problems: SSL v2 or v3 or TLS, implicit connection, passive > transfers, etc. In my experience it can be quite tricky to > get the options all working correctly on both the server and > client if you have a firewall or two in the middle, I spent > quite some time this past summer trying to get a series of > servers working and ultimately gave up. One of the problems > that I see with FTPS is that there are several fall-back > options usually available (sometimes required) which drop > communications back to an unsecured channel, which defeats > the purpose. > > SFTP is a file transport layer on top of SSH, a protocol for > creating secure shell logins. It is IMHO the most secure way > of doing transfers and is easiest to use from a network > management point of view because it all runs on one port > (#22) and there are no "drop back to unsecured transfers" > capabilities. > > Whether my experiences with FTPS were actual problems or just > my lack of knowledge I can't say, I just got frustrated after > trying several server-client combinations and gave up in > favor of SSH which was pretty much install-and-go. > > FYI there are both free SSH servers (OpenSSH on > UNIX/Linux/BSD/MacOSX and FreeSSHd on Windows) and clients > (oodles on UNIX, CoreFTP on > Windows) available. > > -- > Damien McKenna - Web Developer - > [EMAIL PROTECTED] The Limu Company - > http://www.thelimucompany.com/ - 407-804-1014 #include > > > ~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:220797 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
RE: FTPS? (was RE: SFTP?)
> -Original Message- > From: Kevin Graeme [mailto:[EMAIL PROTECTED] > > Related to this, can someone point me to a comparison of the two? I > understand that SFTP is SSH file transfer and FTPS is FTP > with SSL, but what are the tradeoffs between them if any? FTPS is a file transport layer on top of SSL or TLS. There are number of options available with it and this can cause problems: SSL v2 or v3 or TLS, implicit connection, passive transfers, etc. In my experience it can be quite tricky to get the options all working correctly on both the server and client if you have a firewall or two in the middle, I spent quite some time this past summer trying to get a series of servers working and ultimately gave up. One of the problems that I see with FTPS is that there are several fall-back options usually available (sometimes required) which drop communications back to an unsecured channel, which defeats the purpose. SFTP is a file transport layer on top of SSH, a protocol for creating secure shell logins. It is IMHO the most secure way of doing transfers and is easiest to use from a network management point of view because it all runs on one port (#22) and there are no "drop back to unsecured transfers" capabilities. Whether my experiences with FTPS were actual problems or just my lack of knowledge I can't say, I just got frustrated after trying several server-client combinations and gave up in favor of SSH which was pretty much install-and-go. FYI there are both free SSH servers (OpenSSH on UNIX/Linux/BSD/MacOSX and FreeSSHd on Windows) and clients (oodles on UNIX, CoreFTP on Windows) available. -- Damien McKenna - Web Developer - [EMAIL PROTECTED] The Limu Company - http://www.thelimucompany.com/ - 407-804-1014 #include ~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:220723 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
RE: FTPS? (was RE: SFTP?)
Related to this, can someone point me to a comparison of the two? I understand that SFTP is SSH file transfer and FTPS is FTP with SSL, but what are the tradeoffs between them if any? In my experience it seems that unix administrators seem inclined to use SFTP while most easy to administer FTP server packages running on Windows use FTPS. >From a practical perspective, most client tools I see use sftp, including Dreamweaver and Contribute, which makes me shy away from picking a server that uses FTPS even if it is easy to administer. --- Kevin Graeme Cooperative Extension Technology Services University of Wisconsin-Extension > -Original Message- > From: Chris Terrebonne [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 08, 2005 7:59 AM > To: CF-Talk > Subject: FTPS? (was RE: SFTP?) > > Actually, I had my acronym backwards (which apparently makes > a HUGE difference :). > I am really looking for FTPS ability (FTP over SSL). > Sorry for the confusion. Any idea where I can find a CF > resource for that protocol? > > Thanks again, > Chris ~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:220661 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
RE: FTPS? (was RE: SFTP?)
Thanks for the help everyone. I'll start digging through those libs and see what I can use. Thanks again, Chris >>> [EMAIL PROTECTED] 06/08/05 10:06AM >>> > Actually, I had my acronym backwards (which apparently makes > a HUGE difference :). > I am really looking for FTPS ability (FTP over SSL). > Sorry for the confusion. Any idea where I can find a CF > resource for that protocol? The library I pointed you to does FTPS as well as SFTP. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:209005 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
RE: FTPS? (was RE: SFTP?)
> Actually, I had my acronym backwards (which apparently makes > a HUGE difference :). > I am really looking for FTPS ability (FTP over SSL). > Sorry for the confusion. Any idea where I can find a CF > resource for that protocol? The library I pointed you to does FTPS as well as SFTP. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:208970 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
Re: FTPS? (was RE: SFTP?)
http://www.houseoffusion.com/cf_lists/index.cfm/method=messages&threadid=26929&forumid=4 (sorry if that wraps) --Ferg Chris Terrebonne wrote: >Actually, I had my acronym backwards (which apparently makes a HUGE difference >:). >I am really looking for FTPS ability (FTP over SSL). >Sorry for the confusion. Any idea where I can find a CF resource for that >protocol? > >Thanks again, >Chris > > > [EMAIL PROTECTED] 06/08/05 08:58AM >>> >>Can CF do secure FTP (SFTP)? >> >> > >No. > > > >>If not, is there a Java class that can be used in CF that will? >> >> > >You could try this: >http://www.jscape.com/sftp/ > >I haven't tried it myself, though. > >Dave Watts, CTO, Fig Leaf Software >http://www.figleaf.com/ > >Fig Leaf Software provides the highest caliber vendor-authorized >instruction at our training centers in Washington DC, Atlanta, >Chicago, Baltimore, Northern Virginia, or on-site at your location. >Visit http://training.figleaf.com/ for more information! > > > > > ~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:208956 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
RE: FTPS? (was RE: SFTP?)
In that case, you could proxy the connection through stunnel. Http://www.stunnel.org Paul ~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:208955 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54