Re: What is the difference between ftp encryption types SSL, TLS, SFTP and SSH ?
- From: Kristian Fiskerstrand <newsaccount@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 17 Dec 2006 13:18:04 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Marcus Mender wrote, On 12/17/2006 01:00 PM:
I have seen a couple of different encryption types for ftp connections:These are not at all about FTP in the first place.
Transport layer security, you find this commonly used in e.g. the SMTP
TLS
protocol (sending emails)
SSLSecure Socket Layer, what is used by https:// connections. The primary
difference between SSL and TLS is that SSL is negotiated on connection,
while TLS upgrades from an ordinary connection. This is why for the HTTP
protocol, the default non-secured port is 80 and the default secure port
(SSL) is 443, while for SMTP both encrypted and non-encrypted will
happen on port 25 by default.
I wrote a small article about the difference between TLS and SSL, and my
wish that TLS to be used for web traffic at
http://www.kfwebs.net/articles/article/35/TLS--SSL-and-HTTP
SFTP
This protocol is a subservice of SSH, and in many ways replaced the scp
file transfer (which again replaced rcp).
SSH
secure shell, replaced telnet by offering a secure connection into the
system.
SFTP and SSH have nothing to do with FTP per se, so an FTP server won't
Ok, provided an ftp server offers all these types: which type should I choose
to setup the ftp server or to select from the ftp clients view ?
offer it.
There are quite a lot of differences, personally I don't allow any
Is the security for all these types similar and the difference refers only different protocols?
user/pass logins to happen to my system, but only authentications based
on Public Key Infrastructure, so I'm using SFTP mostly to get access to
files.
What are the pros and cons ?You haven't mentioned what context you want to use this in. If you were
to provide a webhosting service, you wouldn't have an option but to use
FTP.
If it is only for your own use I would personally go for SSH/SFTP and
disable ordinary FTP at all.
Marcus
- --
- ----------------------------
Kristian Fiskerstrand
http://www.kfwebs.net
- ----------------------------
http://www.secure-my-email.com
http://www.secure-my-internet.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIVAwUBRYU1fBbgz41rC5UIAQhCCBAAqhTsu19xKh2poAlHQXAfH6I4W8UxXa5V
vPWHG+wumdbpxHBrT7TqjJaH8bZIiu1Xq5JIJyrDXLpm9CYbeEb+f2oxHPHSwKtU
Itlc65tiKtLgz6qMQJl/LefnQQym2U+4MaYkrp7pHvAcibWjJtB0OyWcyMiw8xri
isBzmKGvQ6Iai/VO6kj/WtI4t0miW+ZOcWQSeh/hkB+Qh/V7jzb3y5EhYAlKncWE
T82NlalUuUg8rtmmdMl4SNTqVG64ocVTfwH918MetnLoyBIbWjaSRisBlWP94NS0
UcEsxhJeKdpfQv9kWL802qj5E/84/GMgmQronJ/1UDBDylIQcXwzl/n0ligAzzic
Wupf0HsnlAbmUrBr4BbXxdcFqbwAjwFE8CUdnjM0yWDIbxZxtLKIxIkfcBG90WXI
C8ODHEG3k+Eg1X3VKoZ9ZQ+dNA5MbrFlmOkFUDxYtx0/oORYgntgGFRgJFpVWSdZ
5vBFieYo/uSek86E64qvwIuDgoNgw5M/HSIFyB5f4RYtE1jP9QJU9zDDNi7PnC8X
DKv36R6HBR20TP0+YJuRxqEDXWU+Rx7eIfHUPmaMqQv1LKG8u06ioZ933UuJmu28
73kzJe/4bI9Z1ZAh5OtxQvRWHRcp+QSHlRmdoF9wG2RJHtnM18lw0QxG2IqfMJ6E
Wk32hO1mKEc=
=1X1a
-----END PGP SIGNATURE-----
.
- Prev by Date: Re: Does Public Key Authentication offer additional security over SSH/SFTP
- Next by Date: Re: What is the difference between ftp encryption types SSL, TLS, SFTP and SSH ?
- Previous by thread: Only allow public/private key authentication ?
- Next by thread: Re: What is the difference between ftp encryption types SSL, TLS, SFTP and SSH ?
- Index(es):
Relevant Pages
|
|
