I know. I have been in too many conversations where I say that z/VM can
support FTPS and the other instantly say 'Good, we can use SFTP from our
SSH sessions.' So I have to re-educate them and 2 months later the scene
repeats with the same cast of characters. At times, I regret having
worked out how to do FTPS on z/VM. My time and efforts would have been
better utilized in creating a secure drop-zone server using linux.
/Tom Kern
Adam Thornton wrote:
On Apr 24, 2008, at 12:25 AM, Thomas Kern wrote:
I thought SFTP was an ftp like command set inside the SSH protocol and
that FTPS was the FTP protected by SSL. Our Network gurus keep
referring too out SSL protected TN3270 as TELNETS and even insisted on
us using port 992 for it since that was set in some RFC.
You're correct.
It also confuses people, I have found, unless you spell them out. I
can't imagine why.
Add to this the question of "flavors of FTPS"--that is, with
stunnel/pre-VM-5.3 SSLSERV, you *can* encrypt the control channel, which
might be good enough. But if you need to encrypt the data too, you need
explicit SSL, and you need to negotiate an encrypted channel. It's
enough to make a grown man cry.
Adam
