Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: AUTH with TLS / Data Connection unsecure

This request is being tracked already.
Guest

Re: AUTH with TLS / Data Connection unsecure

Oops sorry, didn't look at the post date...
Guest

Re: AUTH with TLS / Data Connection unsecure

Frank Walther wrote:


... and he told me only that SFTP-Server is configured with a secure AUTH with TLS and the data connection is unsecured ...


That is not SFTP but encrypted FTP (FTPS), which has nothing to do with SFTP except for the similar name.

Background:
In FTP, a control connection is used for the commands the client sends to the server (e.g. "list directory") and the status codes the server sends back (e.g. "file doesnt exist"), while separate data connections are used for each transfer of directory listings or the files you download and upload.

In your case, the server encrypts the control connection, but not the data connections.

https://en.wikipedia.org/wiki/File_Transfer_Protocol
https://en.wikipedia.org/wiki/FTPS
https://en.wikipedia.org/wiki/FTPS
Guest

Re: AUTH with TLS / Data Connection unsecure

Hi Martin,

okay, it seems to be strange - as i thought.
I will ask the admin why he choosed this way of implementation of SFTP.

I have found a forum of a bigger german isp and they use same method because of traffic accounting issues. Perhaps they want security for passwords etc. on command channel and traffic accounting on data channel.
[If you like have a look at <invalid hyperlink removed by admin> - it is german, but babelfish ist your friend].

I hoped too use only one client in future, but a strange implementation does not become better if it is used often.
:?

Thanks and greetings to praha.


Frank.
martin

Re: AUTH with TLS / Data Connection unsecure

WinSCP supports only SFTP over SSH (encrypted data channel), which what it was designed for. TLS is not supported. In fact so far I haven't heard of any such SFTP implementation.
Frank Walther

AUTH with TLS / Data Connection unsecure

Hello,

at first I a have too say THANK YOU! I use WinSCP as a scp frontend a few weeks and it is very cool.

But now I have to connect to a SFTP-Server and I tried to check it out with WinSCP, but it fails. At first I thought the account pw is wrong and I tried SmartFTP and it works fine. So I asked the admin what could be different and he told me only that SFTP-Server is configured with a secure AUTH with TLS and the data connection is unsecured. I read a while about SFTP in some newsgroups and it seems to me, that there are some differences in implementation of SFTP.

I like to ask now, if I could use this kind of configuration with WinSCP? And if yes, how?

Thanks for your support.

Frank