[BlueOnyx:05764] Re: http://bugs.proftpd.org/show_bug.cgi?id=3521
Chris Gebhardt - VIRTBIZ Internet
cobaltfacts at virtbiz.com
Wed Nov 10 18:27:25 -05 2010
Michael Stauber wrote:
> 2.) "FTP over SSL":
>
> Opposed to "Secure FTP" the FTP session itself gets encrypted - without
> sending all the data over a separate SSH connection. Instead the control
> channel *and* the data-channel of the FTP session are encryped through SSL or
> TLS. Even server to server FTP connections (FXP) can be encrypted via SSL/TLS,
> which is not yet possible with "Secure FTP". Thanks to "FTP over SSL" it is
> now possible to completly encrypt a passive FTP session. If active FTP is
> used, then it's possible to use "implicit SSL", which immediately allows to
> start the session encrypted without first issuing "AUTH SSL" or "AUTH TLS"
> through an unencrypted plain text command during the startup of the
> connection.
>
> FTP over SSL also works if no SSH connection is allowed or if the FTP user has
> no shell assigned. The only requirement is that the user is allowed to login
> by FTP and that he is not suspended.
This looks pretty good. I think the idea of FTP over SSL is great. Is
a separate SSL certificate required, or is the "default" BX cert used?
--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ
More information about the Blueonyx
mailing list