Thank you Scott.

I would like to send your comments to this DP manager, as you put into clear words concepts that would appear to be confusing to some oeople. I looked at the parameters for the FTP command and wondered why the distinction on data and command encryption.

May I forward your original comments to this manager?

John McKee

-----Original message-----
From: Scott Klement midrange-l@xxxxxxxxxxxxxxxx
Date: Fri, 03 Sep 2010 10:22:07 -0500
To: Midrange Systems Technical Discussion midrange-l@xxxxxxxxxxxx
Subject: Re: FTP-S

IMHO, this is rather misguided.

sftp is a highly-secure protocol, it's always encrypted from end-to-end.

FTPS is also highly-secure, but it has the ability to turn encryption
on/off at different points in the conversation. In theory, FTPS _could_
be as secure as sftp. But in practice, it almost never is.

FTP is a very old protocol. The first standard for it was published in
1971, when the Internet was only a handful of computers, and they all
trusted each other. Some of the things that FTP does are, quite
frankly, a really bad idea in today's world.

It uses a different port for every file transfer, forcing firewalls to
have a whole range of ephemeral ports open. Not a good idea for security.

It calculates the IP address and port number during the conversation,
and sends them over the control channel. In order to make that work
with NAT, the NAT router has to read every packet, and change the data
in the packet. That can't work if the data is encrypted (the NAT router
can no longer read it -- duh, it's encrypted!)

So FTPS typically uses the encryption only for the userid/password, and
then drops back to plain-text mode. That's not nearly as secure as
sftp, which stays encrypted throughout the conversation.

Frankly, the problem with FTPS is they tried to "put lipstick on a pig".
They took a protocol that had some serious flaws already, and tried to
add cryptography to it... and it's just not as good as the totally
re-imagined sftp protocol (which was designed for security from the
ground up.)

To me (someone who has spent a lot of time studying the inner workings
of these protocols) the idea that FTPS is *more* secure than sftp is
absolutely ludicrous.

If your problem is that SSH allows interactive logins as well as file
transfers, then you should change your SSH configuration to disallow the
interactive logins for those users.


On 9/2/2010 10:17 PM, jmmckee wrote:
Below is the rationale for dropping sFTP. Does this make sense? I
get the impression that the manager believes sFTP (and ssh) is not
secure. Or, that ssh (and sFTP) are not as good as FTP/S.

"The system supports FTPS, which is a tightening of security as it
prevents excessive SSH accounts that can make the server more vulnerable."

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.