FTP with SSL/TLS
Dar Scott
dsc at swcp.com
Tue Aug 22 19:31:09 EDT 2006
On Aug 22, 2006, at 2:41 PM, Dave Cragg wrote:
> FTP over SSL/TLS is different from SFTP (FTP over SSH), I believe.
> It's a while since I looked at this, but I think FTP over SSL/TLS
> would probably be easier to implement. However, I think the engine
> still needs a way to negotiate a secure connection (secure
> handshake??) over an existing non-secure connection before this
> could be implemented in libUrl. On the other hand, SFTP seems to be
> more widely supported by servers.
Yes, FTPS (FTP over SSL/TLS) should be easier for libUrl, at least if
you assume implicit FTPS where you assume the connection is secure
from the start and no command is needed to turn it on.
Some rambling on the subject...
I have looked at SSH several times to be used as part of a Rev
standalone and each time the biggest technical problem was getting
the passphrase to the right place at the right time with minimum
abrasion of the user. This was especially a problem on OS X. The
other big technical problem was setting up painless installation. It
can be done; it is just a bunch of work.
However, there is a way to use SSH with FTP on systems that allow
it. One who is willing to invest a little learning can create an
automatic tunnel from the client system to the server. This can make
a local port look just like the FTP port on the server. Instead of
connecting to the server, you connect to the local port. SSH is
listening on that and will make a connection to the server asking it
to make an "inside" connection to the FTP port. Some people do this
for their POP accounts. This is not SFTP and this is not FTPS. I
don't know what to call it.
Dar Scott
More information about the use-livecode
mailing list