Topic "AUTH with TLS / Data Connection unsecure"

Author Message
Frank Walther

Guest


Hello,

at first I a have too say THANK YOU! I use WinSCP as a scp frontend a few weeks and it is very cool.

But now I have to connect to a SFTP-Server and I tried to check it out with WinSCP, but it fails. At first I thought the account pw is wrong and I tried SmartFTP and it works fine. So I asked the admin what could be different and he told me only that SFTP-Server is configured with a secure AUTH with TLS and the data connection is unsecured. I read a while about SFTP in some newsgroups and it seems to me, that there are some differences in implementation of SFTP.

I like to ask now, if I could use this kind of configuration with WinSCP? And if yes, how?

Thanks for your support.

Frank
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25034
Location: Prague, Czechia
WinSCP supports only SFTP over SSH (encrypted data channel), which what it was designed for. TLS is not supported. In fact so far I haven't heard of any such SFTP implementation.
_________________
Martin Prikryl
Guest




Hi Martin,

okay, it seems to be strange - as i thought.
I will ask the admin why he choosed this way of implementation of SFTP.

I have found a forum of a bigger german isp and they use same method because of traffic accounting issues. Perhaps they want security for passwords etc. on command channel and traffic accounting on data channel.
[If you like have a look at <invalid hyperlink removed by admin> - it is german, but babelfish ist your friend].

I hoped too use only one client in future, but a strange implementation does not become better if it is used often.
Confused

Thanks and greetings to praha.


Frank.
Guest




Frank Walther wrote:

... and he told me only that SFTP-Server is configured with a secure AUTH with TLS and the data connection is unsecured ...


That is not SFTP but encrypted FTP (FTPS), which has nothing to do with SFTP except for the similar name.

Background:
In FTP, a control connection is used for the commands the client sends to the server (e.g. "list directory") and the status codes the server sends back (e.g. "file doesnt exist"), while separate data connections are used for each transfer of directory listings or the files you download and upload.

In your case, the server encrypts the control connection, but not the data connections.

https://en.wikipedia.org/wiki/File_Transfer_Protocol
https://en.wikipedia.org/wiki/FTPS
https://en.wikipedia.org/wiki/FTPS
Guest




Oops sorry, didn't look at the post date...
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25034
Location: Prague, Czechia
This request is being tracked already.
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License