sftp

Mike Fisk mfisk at lanl.gov
Thu Jul 27 12:11:18 EST 2000


On Fri, 21 Jul 2000, Pekka Savola wrote:

> On Thu, 20 Jul 2000, Gary E. Miller wrote:
> 
> > > - data channels cannot be encrypted.
> > True.  I am far more worried about my password than the data but
> > this is a problem for many.  This could (should) be fixed in SSH.
> 
> The most important thing, yes.
> 
> Well, ftp is one of those "What the hell were they
> thinking.. oh it was 30 years ago" protocols;
> Encrypting these channels would require dynamic allocation of SSH
> forwardings, or a very special FTP client which would you let you specify
> the port you want to use for FTP data.
> 
> Can't be done, really.

Well, it can be done.  The MindTerm SSH client looks at the data going
over the port 21 (FTP control) connection and proxies the data connection
setup.  It dynamically requests the creation of a new tunnel and then
modifies the control data so that the tunnel is used.

-- 
Mike Fisk, RADIANT Team, Network Engineering Group, Los Alamos National Lab
See http://home.lanl.gov/mfisk/ for contact information






More information about the openssh-unix-dev mailing list