It's all a little confusing...

SSH is a tool/protocol for providing a secure connection over IP networks.
Once you have a connection, you can have multiple "channels" routed over
it.   Channels could be interactive terminal sessions (to replace telnet),
port-forwarding channels, command redirection channels, and "subsystem
channels" (which are a special case of command channels).

Here's the main RFC for SSH:  http://www.ietf.org/rfc/rfc4251.txt

A *separate* tool distributed with most SSH implementations is "sftp", which
runs as an SSH subsystem.  The sftp "protocol" is a packet protocol for file
transfer that *assumes* that you already have a secure connection, and by
default the sftp command line tool simply invokes the command line tool to
set up its secure channel.  sftp doesn't have connection setup,
authentication, encryption, compression, etc. - it relies on SSH to do that.

Here's the main RFC for SFTP:
http://tools.ietf.org/wg/secsh/draft-ietf-secsh-filexfer/

Another spin on this is that you can also use SSH to set up a secure channel
and a SOCKS proxy and then use an *FTP* client over the secure SSH channel
via the proxy.  This is an alternative to FTP/TLS, which can be a nightmare
for firewalls and NAT routers due to its use of multiple sockets which, when
encrypted, can't be snooped to set up the data port connection.

FWIW, we use SSH subsystem channels in our (free) Co:Z product to set up a
secure connection from a batch job to a remote Unix/Windows process.
Additional channels are set up via port forwarding if the remote process
wants to access z/OS datasets from the launching job.

Anyway, the SSH protocol is very cool, and the OpenSSH project is some of
the most useful free software available.   If you really want to be in the
club, support them by buying one of their cool tee shirts (
http://www.openssh.org/tshirts.html)

Kirk Wolf
Dovetailed Technologies
http://dovetail.com
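
The channel kinds listed in the message above, shown as the connection-protocol messages that request them. This is an added example, not part of the original post: the message layouts follow RFC 4254, while the function names and the sample hostname are constructed for illustration.

```python
import struct

# Message numbers from RFC 4254 (SSH connection protocol).
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_REQUEST = 98

def ssh_string(value: bytes) -> bytes:
    """SSH 'string': uint32 big-endian length, then the raw bytes."""
    return struct.pack(">I", len(value)) + value

def read_string(buf: bytes, pos: int):
    (n,) = struct.unpack_from(">I", buf, pos)
    end = pos + 4 + n
    if end > len(buf):
        raise ValueError("truncated SSH string")
    return buf[pos + 4:end], end

def channel_request(channel: int, kind: bytes, want_reply: bool, arg: bytes = b"") -> bytes:
    """CHANNEL_REQUEST on an open session channel: 'shell', 'exec' or 'subsystem'."""
    msg = struct.pack(">BI", SSH_MSG_CHANNEL_REQUEST, channel)
    msg += ssh_string(kind) + struct.pack(">?", want_reply)
    if kind in (b"exec", b"subsystem"):
        msg += ssh_string(arg)  # the command line, or the subsystem name
    return msg

def direct_tcpip_open(sender: int, host: bytes, port: int) -> bytes:
    """CHANNEL_OPEN for a port-forwarding channel (window/packet sizes are sample values)."""
    return (struct.pack(">B", SSH_MSG_CHANNEL_OPEN) + ssh_string(b"direct-tcpip")
            + struct.pack(">III", sender, 2**21, 2**15)
            + ssh_string(host) + struct.pack(">I", port)
            + ssh_string(b"127.0.0.1") + struct.pack(">I", 0))  # originator address/port

def describe(payload: bytes) -> str:
    """Name the kind of channel a decrypted connection-protocol payload asks for."""
    if payload[0] == SSH_MSG_CHANNEL_OPEN:
        ctype, pos = read_string(payload, 1)
        if ctype == b"direct-tcpip":
            host, pos = read_string(payload, pos + 12)  # skip sender, window, max packet
            (port,) = struct.unpack_from(">I", payload, pos)
            return f"open port-forward channel to {host.decode()}:{port}"
        return f"open {ctype.decode()} channel"
    if payload[0] == SSH_MSG_CHANNEL_REQUEST:
        kind, pos = read_string(payload, 5)  # skip type byte and recipient channel
        if kind in (b"exec", b"subsystem"):
            arg, _ = read_string(payload, pos + 1)  # skip want_reply
            return f"{kind.decode()} request: {arg.decode()}"
        return f"{kind.decode()} request"
    raise ValueError(f"not a channel open/request message: {payload[0]}")

if __name__ == "__main__":
    # Constructed samples: sftp subsystem, interactive shell, forwarded port.
    print(describe(channel_request(0, b"subsystem", True, b"sftp")))
    print(describe(channel_request(0, b"shell", True)))
    print(describe(direct_tcpip_open(1, b"db.example.internal", 5432)))
```

The sftp case differs from an interactive shell only in the request type and the subsystem name carried on the same kind of session channel.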
