OpenSSH/scp ->> F-Secure SSH server Problems
Jeffrey Altman
jaltman at columbia.edu
Tue Mar 13 00:31:48 EST 2001
>
> > I also don't understand the
> > fascination folks have for FTP. Anything that uses non-deterministic
> > dynamically reassigned ports is fundimentally insecurable.
>
> In this case (i.e. in the case of wanting to "ftp" over SSH) the issue
> is with the stupid user interface. Naive users are looking for some SSH
> file copying tool that works just like their FTP clients, i.e. where
> they can see a list of files on the server and click/drag/whatever them
> to effect the copy.
Why do you need to use FTP over SSH when FTP is "securable" using any
number of methods? The most common methods are
SSL/TLS
GSSAPI
Kerberos
SRP
When using any of these methods both the command and data channels
used by FTP are authenticated, encrypted and integrity checked. In
other words, they are secure.
C-Kermit 7.1 provides an FTP client and supports all of the above
methods. FTP daemons that implement the above protocols are available
from a number of sources depending on which protocol you wish to use.
Jeffrey Altman * Sr.Software Designer C-Kermit 7.1 Alpha available
The Kermit Project @ Columbia University includes Secure Telnet and FTP
http://www.kermit-project.org/ using Kerberos, SRP, and
kermit-support at kermit-project.org OpenSSL. SSH soon to follow.
More information about the openssh-unix-dev
mailing list