Re: Secure file transfer



"Sebastian G." <seppi@xxxxxxxxx> writes:

Unruh wrote:


SSL. SSH/SFTP only protects the data transfer channel, not the command channel.

No idea what you are talking about. ssh encrypts everything passing between
the two computers.


We're talking about SFTP, which is a variant how to use SSH to secure the
FTP protocol. In the SFTP setup, the protection by SSH is only applied to
the data transfer channel.

"SFTP" is *NOT* "a variant how to use SSH to secure the FTP protocol".

It's an SSH based file transfer protocol which has NOTHING to do
with FTP whatsoever.

It's defined in http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13
and it's some form of packetized file transfer over an SSH tunnel.

The full transfer of data is protected.

There are no commonalities with ftp except for the name (it's a file
transfer protocol, after all) and the command interface.

Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
.



Relevant Pages

  • Re: OT: SFTP
    ... File Transfer Protocol". ... Und daneben gibt's eben aber auch noch Secure FTP, ... SFTP (SSH File Transfer Protocol) ...
    (de.soc.recht.datennetze)
  • Re: secure ftp on the mainframe
    ... A file transfer protocol that isn't FTP is more than a little confusing. ... FTP under SSH ... Search the archives at http://bama.ua.edu/archives/ibm-main.html ...
    (bit.listserv.ibm-main)
  • Re: Is there a graphic SFTP for Ubuntu
    ... You are correct Chris. ... sftp is just ftp over ssh. ... Use with the SSH Connection Protocol ...
    (Ubuntu)
  • Re: OT: SFTP
    ... Mit "SFTP" bezeichnet man normalerweilse "SSH File Transfer Protocol", eine Erweiterung von SCP, die mit FTP ausser dem Namen nichts gemeinsam hat. ...
    (de.soc.recht.datennetze)
  • [NEWS] SSH Protocol Weakness Vulnerability (MITM)
    ... A weakness in the backward compatibility of the SSH Protocol has been ... SSH version 1.0) is unlikely to have the host key for the other protocol ... The SSH daemons advertise one of two major versions, ...
    (Securiteam)