Re: [twsocket] SFTP
Thanks for your help. You are correct in that in this case it would be Windows clients connecting to a Linux server. If I produce anything useful in the future regarding this, I'll let you know. Regards Graham -Original Message- From: TWSocket [mailto:twsocket-boun...@lists.elists.org] On Behalf Of Angus Robertson - Magenta Systems Ltd Sent: 19 March 2014 11:16 To: twsocket@lists.elists.org Subject: Re: [twsocket] SFTP > I get the impression there are two types of secure FTP: SFTP or FTPS are non-standard confusing names, and different people interpret them in different ways. That's why we specify FTP SSL, and not FTPS to clearly identify what is offered by ICS. There is also FTP over SSH, which is really a UNIX thing where SSH is used for to provide a secure shell for numerous protocols. So it's not really an FTP protocol as such, there are no SSH related FTP commands. But it's simple for UNIX systems since their ancient FTP clients and servers can be used securely without modification. The major disadvantage of SSH is no public certificates, so any encryption keys need to be privately arranged. There are no plans to support SSH with ICS, but you can configure it yourself using a Windows SSH program, forget the name off hand. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SFTP
> I get the impression there are two types of secure FTP: SFTP or FTPS are non-standard confusing names, and different people interpret them in different ways. That's why we specify FTP SSL, and not FTPS to clearly identify what is offered by ICS. There is also FTP over SSH, which is really a UNIX thing where SSH is used for to provide a secure shell for numerous protocols. So it's not really an FTP protocol as such, there are no SSH related FTP commands. But it's simple for UNIX systems since their ancient FTP clients and servers can be used securely without modification. The major disadvantage of SSH is no public certificates, so any encryption keys need to be privately arranged. There are no plans to support SSH with ICS, but you can configure it yourself using a Windows SSH program, forget the name off hand. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SFTP
I get the impression there are two types of secure FTP: http://blog.goanywheremft.com/2011/10/20/sftp-ftps-secure-ftp-transfers/ Graham -Original Message- From: TWSocket [mailto:twsocket-boun...@lists.elists.org] On Behalf Of Angus Robertson - Magenta Systems Ltd Sent: 19 March 2014 10:16 To: twsocket@lists.elists.org Subject: Re: [twsocket] SFTP > I am starting to get users who want to step up the security of the FTP > connection and are tending towards SFTP (S being Secure and not Simple > in this case) rather than FTPS. Simplicity of getting though firewalls > seems to be a consideration. Don't believe SSL makes firewall support any easier, might make it harder since NAT translation can not scan the control channel for internal IP addresses. > I see that ICS now has a suite of SSL components ICS has supported SSL with FTP for several years. > but is this something that is on the ICS radar for future development. What FTP SSL features are missing or need more development? Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SFTP
> I am starting to get users who want to step up the security of the > FTP connection and are tending towards SFTP (S being Secure and not > Simple in this case) rather than FTPS. Simplicity of getting though > firewalls seems to be a consideration. Don't believe SSL makes firewall support any easier, might make it harder since NAT translation can not scan the control channel for internal IP addresses. > I see that ICS now has a suite of SSL components ICS has supported SSL with FTP for several years. > but is this something that is on the ICS radar for future development. What FTP SSL features are missing or need more development? Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be