1 - 2 min read
Jun 24, 2001
This article will point out the differences between standard FTP and secure FTP using some real-world examples. Secure FTP solves the password security and port control problems by allowing the entire connection to take place through a single tunneled SSH connection. . . .
This article will point out the differences between standard FTP and secure FTP using some real-world examples. Secure FTP solves the password security and port control problems by allowing the entire connection to take place through a single tunneled SSH connection. If you're a firewall administrator (and most of us have learned to adopt this title in one form or another), your firewall rules just got easier. Now you can safely block your FTP ports access to the outside world - primarily the FTP default port, 21.
The Secure FTP server has to be running OpenSSH, which accepts ssh1 and ssh2, and also needs to be running ftpd, the "normal" FTP daemon (more on this later). The Secure FTP client calls to the Secure FTP server on its SSH port. The server then connects internally to port 21, the FTP port, and tunnels the FTP data back across the SSH port to the client. To ensure the server is totally secure, you need to firewall off port 21 from outside access, only allowing the local host to connect to port 21. This is accomplished by either ipfw (firewalling) or tcpwrappers (under Unix, the hosts.allow file).
The link for this article located at 8wire is no longer available.