Web lists-archives.com

Re: FTP with SSL/TLS in Dolphin




On Monday, 2017-01-30, 08:26:10, solitone wrote:
> On Monday, January 30, 2017 7:58:10 AM CET Volker Wysk wrote:
> > Am Montag, 30. Januar 2017, 06:42:08 CET schrieb solitone:
> > > Hi, is there a reason why FTP with SSL/TSL (ftps://) has not been
> > > implemented in Dolphin?
> > 
> > Shouldn't that bee "sftp://";?
> 
> No, that is FTP over SSH, not FTP with SSL/TLS.

Actually that is SFTP, a different protocol, but of course you are right that 
it is not FTPS.

Regarding your original question my guess would be that SFTP is just better 
and easier to implement because it is newer and specifically addressing the 
single secure connection model.

FTP is a very old and weird protocol, basically requiring two connections, one 
from the client to the server (control) and one from the server to the client 
(data).

There have been extensions to have the client open both connections as reverse 
connections are usually blocked by firewalls, but there are still two of them.

SSL can only secure individual connections, so the data on each connection is 
secure but there is no safe way to related those two connections to each 
other, opening up possibilities for timing related attacks, etc.

Are you working with a specific host that can't do SFTP or SSH at all?

Cheers,
Kevin

-- 
Kevin Krammer, KDE developer, xdg-utils developer
KDE user support, developer mentoring

Attachment: signature.asc
Description: This is a digitally signed message part.