Re: SFTP versus FTP over SSH2

From: Jacob Nevins (jacobn_at_chiark.greenend.org.uk)
Date: 03/08/05

• Next message: MITCH BLACK: "Re: sshd handing all authentication to shell"
• Previous message: Richard E. Silverman: "Re: SFTP versus FTP over SSH2"
• In reply to: Will: "SFTP versus FTP over SSH2"
• Next in thread: Nico Kadel-Garcia: "Re: SFTP versus FTP over SSH2"
• Reply: Nico Kadel-Garcia: "Re: SFTP versus FTP over SSH2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 08 Mar 2005 12:18:17 +0000 (GMT)

Will <DELETE_westes@earthbroadcast.com> writes:
>Can someone please explain what is the difference between SFTP and FTP
>over SSH2?

SFTP is the SSH File Transfer Protocol. It runs on top of an ordinary
SSH connection. For avoidance of doubt, it's an entirely separate
protocol to traditional FTP, with a different (but overlapping) set of
capabilities.

>Is SFTP less secure?

There should be no difference in their security properties, assuming
that (a) they're running over the same sort of SSH connection (SFTP
usually runs over SSH-2), and (b) the FTP connection is being fully
tunneled or otherwise encapsulated (I believe it's possible for the
control connection to go over SSH and the data connection to go direct,
for instance).

>Can anyone suggest possible configuration changes on their server that
>might account for getting errors like the one above from an SFTP client
>when connecting in FTP over SSH2 mode?

Perhaps they've disabled port forwarding?

Perhaps your FTP sessions were partly going in the clear, and the
relevant ports are no longer open to you?

What precise error message are you getting, when?

What SFTP client are you using that supports traditional FTP over SSH?

• Next message: MITCH BLACK: "Re: sshd handing all authentication to shell"
• Previous message: Richard E. Silverman: "Re: SFTP versus FTP over SSH2"
• In reply to: Will: "SFTP versus FTP over SSH2"
• Next in thread: Nico Kadel-Garcia: "Re: SFTP versus FTP over SSH2"
• Reply: Nico Kadel-Garcia: "Re: SFTP versus FTP over SSH2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Secure file transfer ... We're talking about SFTP, which is a variant how to use SSH to secure the ... FTP protocol. ... is it better to use AUTH SSL or SSH/SFTP?" ... (comp.security.misc) Re: Secure file transfer ... We're talking about SFTP, which is a variant how to use SSH to secure the ... FTP protocol. ... "FTP over SSH" is the protection of the command channel. ... (comp.security.misc) RE: Secure connection between Win2k and NT4? ... session, once established, is sent via plain FTP. ... Secure connection between Win2k and NT4? ... Have you looked into SSH for this? ... (Focus-Microsoft) Re: tunnelling ... > If I want to tunnel a ftp connection I have to ... > server I want to connect to, port 21. ... What you're doing is telling your SSH client to _listen_ on port 21 ... (comp.security.ssh) Re: Does OpenSSH use RCP? ... TCP connection can be tuned for optimal performance. ... FTP command ... And then ssh comes along and crams interactive logins, ... straightjacket, but it's a really comfy and warm straightjacket, and the world ... (comp.security.unix)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint