Topic "CCC - Clear Command Channel"

Author Message
glauber
[View user's profile]

Joined: 2010-07-30
Posts: 7
Location: Chicago Area, USA
Would it be possible to implement the CCC command (RFC2228) to remove encryption from the command channel of an encrypted FTP connection after authentication?

There are a few servers, unfortunately, that require this.

Thank you,

glauber
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25015
Location: Prague, Czechia
Thanks for your post. This request has been added to tracker.
_________________
Martin Prikryl
glauber
[View user's profile]

Joined: 2010-07-30
Posts: 7
Location: Chicago Area, USA
Thank you for considering this. I've been keeping a certain commercial product around just because of lack of support for this feature in open source products. CCC requirement is, unfortunately, rather common for FTP/SSL servers that interact with firewalls (because firewalls need to be able to read and respond to "PORT" commands).

If i may make a further suggestion, the way i see this could work, is a checkbox or advanced option to "turn off command channel encryption after authentication". There should never be a need to turn off encryption before authentication IMHO, and there should never be a need to turn off encryption on the data channel.

Thanks again,

glauber
banto

Guest


Did this get solved???
Does WinSCP support CCC?

Thanks
glauber
[View user's profile]

Joined: 2010-07-30
Posts: 7
Location: Chicago Area, USA
banto wrote:
Did this get solved???
Does WinSCP support CCC?

Thanks


Not yet.

g
banto

Guest


glauber wrote:
banto wrote:
Did this get solved???
Does WinSCP support CCC?

Thanks


Not yet.

g


I found another program that supports CCC, everything is working, but I don't want to use that program. Btw, Filezilla does not support CCC either, they said there are to many security issues, like a hacker could overtake a session.

Any thoughts about this?
glauber
[View user's profile]

Joined: 2010-07-30
Posts: 7
Location: Chicago Area, USA
banto wrote:

I found another program that supports CCC, everything is working, but I don't want to use that program. Btw, Filezilla does not support CCC either, they said there are to many security issues, like a hacker could overtake a session.

Any thoughts about this?

Thoughts?

(1) In a perfect world, we wouldn't need CCC, but this is not a perfect world.

(2) IMHO, that danger is overstated. Certainly the danger is less than with plain unencrypted FTP (which Filezilla is happy to support).

(3) The developer of Filezilla has very strong feelings about this and is not likely to change his mind. Filezilla is his app and he has the right to do what he wants with it. It's an excellent app if you don't need this feature.
jpadgett
[View user's profile]

Joined: 2012-09-07
Posts: 2
Any chance this has been added to WinSCP since the last post?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25015
Location: Prague, Czechia
jpadgett wrote:
Any chance this has been added to WinSCP since the last post?

Was not.
_________________
Martin Prikryl
Guest




still not, I assume?
matej sk
[View user's profile]

Joined: 2014-01-21
Posts: 3
Any chance this feature will be implemented? I would greatly appreciate being able to pass through application-aware firewalls.
Thanks.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25015
Location: Prague, Czechia
matej sk wrote:
Any chance this feature will be implemented? I would greatly appreciate being able to pass through application-aware firewalls.
Thanks.

I have raised priority of this request.
rradnay

Guest


Has this feature been implemented?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25015
Location: Prague, Czechia
rradnay wrote:
Has this feature been implemented?

Not yet. What is your use case?
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License