From owner-freebsd-security Mon Mar 11 15:42:10 2002 Delivered-To: freebsd-security@freebsd.org Received: from h146n1fls31o859.telia.com (h146n1fls31o859.telia.com [213.66.12.146]) by hub.freebsd.org (Postfix) with SMTP id 4DA6D37B41B for ; Mon, 11 Mar 2002 15:42:00 -0800 (PST) Received: (qmail 8864 invoked from network); 11 Mar 2002 23:41:32 -0000 Received: from localhost (HELO 127.0.0.1) (root@127.0.0.1) by localhost with SMTP; 11 Mar 2002 23:41:32 -0000 Date: Tue, 12 Mar 2002 00:42:08 +0100 From: Tomas Svensson X-Mailer: The Bat! (v1.51) Personal Reply-To: Tomas Svensson X-Priority: 3 (Normal) Message-ID: <10933733005.20020312004208@gbdev.net> To: Tom Rhodes Cc: FreeBSD-security@FreeBSD.ORG Subject: SafeTP [was Re: sftp for windows clients] In-Reply-To: <3C8D1239.8050605@pittgoth.com> References: <3C8D1239.8050605@pittgoth.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Monday, March 11, 2002, 9:23:21 PM, you wrote: TR> Today I was poking around sftp. Upon my browsing I noticed that a TR> really neat program known as SafeTP was developed at Berkeley. This TR> utility seems to attach itself to ANY ftp client in windows/unix and TR> provide a secure connection... My few moments of testing pointed out to TR> me that it works in windows easily, so newbies can use it with say WS_ftp. There are some major problems with SafeTP (which for the consfused has absolutely nothing to do with SSH, SFTP nor SCP) : 1) It is limited to 3DES encryption only (and it does not use the assembly optimized or possibly hardware accelerated OpenSSL implementation). 2) The wrapper is only available for Windows. On unix you must use a terrible client called 'sftpc' which is very limited. 3) The Windows version is known to cause problems ranging from network problems to people beeing forced to reinstall Windows (because SafeTP is messing directly with the WinSock DLL files). 4) To get the source code you must fill out a form with your name, email address etc. Some quotes from the SafeTP license agreement are: "The end user ("you") may not redistribute the source code, whether modified or not." "You may not distribute compiled binaries, except those compiled from unmodified source code retrieved directly from the SafeTP website." "You may not use the SafeTP source code in any way to create a product that competes with SafeTP." So just don't go there. Use TLS/SSL or possibly SFTP if you need secure filetransfers that works on multiple platforms. -Tomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message