On Tue, Oct 09, 2001 at 11:44:23AM +0000, Jonas Larsson wrote: > Hello Alexander, > > Thanks for a really nice application (LFTP) :) > > The most secure ftpd around (as I think) is pure-ftpd (http://pureftpd.org/) > > and it has right now added support for the SFTP protocol. Unfortunately only > > (as I know) openssh supports that protocol under UNIX. :( > > If you could take yourself time to implement this feature in LFTP (the best > ftp-client around for UNIX :) it would be just great!
Hmm. Looks like the protocol isn't designed to be comparable to FTP, which is pretty poor, as using an extension to FTP would make this far easier to implement. Not using a second connection for data is also poor (it's quite easy to secure a second connection when you have a secure protocol to do so), as it prevents aborting; and the idea of having commands any more "compact" than FTP's is ridiculous. (The size of commands has zero impact on protocol performance--within reason--all that matters is when you're allowed to send commands asynchronously.) Looks like a pain. I'd much prefer a protocol that goes hand-in-hand with FTP (perhaps without some of the annoyances, like unstandardized LIST). FXP is useful--for legitimate purposes, no less--though I suspect making a secure FXP would be difficult (securing between three parties.) ABOR is useful. Negative impressions aside, it looks useful enough to warrant the effort-- and we probably won't see a protocol that does most of the above any time soon (and I'm not going to design it :), so we may be stuck with it. Something like this *is* desperately needed, though. I'd wonder: is it possible to encrypt stuff like authentication, but only validate (ie. securely MD5 or something) transfers? Encrypting files for transfer very often is completely unnecessary and expensive; making sure nobody tampers with the file in transit is *far* more important (along with secure authentication), and being able to disable active encryption for transfers would save a lot of overhead. (Not knowing the state of this kind of encryption, it might also make it possible to support SFTP without full encryption in a way that's not hit by encryption import/export laws ...) -- Glenn Maynard
