Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 05 Jan 2012 13:38:29 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        freebsd-stable@freebsd.org
Subject:   Re: FTPS Server?
Message-ID:  <4F05A7D5.8000403@infracaninophile.co.uk>
In-Reply-To: <4F059BEA.3000508@denninger.net>
References:  <4F059BEA.3000508@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigB8988684A4496358E3D783A6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 05/01/2012 12:47, Karl Denninger wrote:
> Not SFTP (which is supported by the sshd) but FTPS.... is it supported
> by FreeBSD?

No, not supported in the base system.

> This question may belong on the ports list, but a quick perusal there
> didn't find anything particularly interesting (one possible candidate i=
s
> marked broken)

Several of the ftp daemons in the ports should be capable of running
FTPS.  10 seconds with Google turns up HOWTOs for setting up either
vsftpd or proftpd to provide FTPS support.

However, personally, I'd avoid FTPS.  It suffers from most of the design
flaws of standard FTP[*], particularly as regards passing through
firewalls.  Worse, because the traffic is encrypted, you can't even use
tools like ftp-proxy (in ports as ftp/ftp-proxy) to extract transient
port numbers by deep packet inspection.  As far as your users are
concerned, just use SFTP.  It behaves exactly like an ordinary FTP
client, but the underlying SSH protocol over the network is way, way
better designed.

	Cheers,

	Matthew

[*] Miserable, archaic and long overdue to be put out of our misery.

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew@infracaninophile.co.uk               Kent, CT11 9PW


--------------enigB8988684A4496358E3D783A6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8Fp9sACgkQ8Mjk52CukIzPTACfTjxnUccuw788AxLzgoFAG2rc
TEAAn0PcPNdeUOk+RioyFvm5rNrSvEuG
=zmJG
-----END PGP SIGNATURE-----

--------------enigB8988684A4496358E3D783A6--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F05A7D5.8000403>