|
date: Fri, 17 Nov 2006 08:25:30 -0500 from: AGlauser@xxxxxxxxxxxx subject: Re: sFTP question
I think Jerry is trying to do the same thing I wanted to do but could not get it to work either. I needed to do an sFTP file transfer in unattended mode in the middle of the night and the company who I was sending data to used only sFTP but only with userid and passwords, not
public keys.
This conversation has got me thinking - am I missing something, or is sFTP using userid/password no more secure than normal FTP? Is there some method of passing the userid/password securely that hasn't been mentioned? ---- Lets see, I always thought sFTP was an SSH related thing, while FTPS was the FTP/SSL thing (just like HTTPS is HTTP/SSL). The first requires SSH to operate, the later is the one involving certificates, TSL, SSL, and such. In any FTP session, there are two connections, the command channel, and the data channel. And depending on the FTPS implemention, either one, both, or even neither can be encrypted. Whether you have to have a pre-existing certificate, or the server gives you one when you connect also varies. And then there are any number of proprietary servers out there with other requirements. FTP has some dark and mysterious corners sometimes.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.