FTPS
From Wikipedia, the free encyclopedia
FTPS (commonly referred to as FTP/SSL) is a name used to encompass a number of ways in which FTP software can perform secure file transfers. Each way involves the use of a SSL/TLS layer below the standard FTP protocol to encrypt the control and/or data channels. It should not be confused with SSH file transfer protocol.
The most common uses of FTP and SSL are:
- AUTH TLS or Explicit FTPS, named for the command issued to indicate that TLS security should be used. This is the preferred method according to the RFC defining FTP over TLS. The client connects to the server port 21 and starts an unencrypted FTP session as normal, but requests that TLS security be used and performs the appropriate handshake before sending any sensitive data.
- AUTH as defined in RFC 2228.
- Implicit FTPS is an older, but still widely implemented style in which the client connects to a different port (usually 990), and an SSL handshake is performed before any FTP commands are sent.
[edit] Data channels
Data can be encrypted in the command channel, the data channel, or most often both. If the command channel is not encrypted, the protocol is said to be using a clear command channel (CCC). If the data channel is not encrypted, the protocol is said to be using a clear data channel (CDC).
[edit] See also
- List of FTP clients
- List of FTP servers
- Compare with SSH file transfer protocol (SFTP)
[edit] External links
- RFC 4217 - Securing FTP with TLS
- Overview of FTPS, and lists of clients, servers, and proxies supporting FTPS