Hi,
I am experimenting a bit with connections between FileZilla's latest client and server builds, especially with the SSL/TLS/SSH2-implementation of the latest server build 0.9.6a. So far encrypted connections work like a charm and so first of all I would like to take the opportunity to thank the programmers of this wonderful FTP client and server: Thank you very much, your work is highly appreciated!
My question: Which are the differences of the different encryption methods and which one should I use? - I have already read a bit by googling the web, and as far as I understand, implicit encryption will only encrypt logins and passwords while explicite encryption will encrypt everything (including the actual files that are transferred). The difference between SSH2 and SSL/TLS is also clear, but what exactly is the difference between explicit SSL and explicit TLS? And which one should I prefer?
Thank you very much for every answer
petit prince
SSL, TLS, SSH2 - which are the differences?
Moderator: Project members
-
- 500 Command not understood
- Posts: 3
- Joined: 2005-04-02 21:20
You propably already know standard FTP. With the latest version of FZS you can also use FTP over SSL/TLS (short: FTPS). SSL and TLS are very similar, in fact TLS is basically a newer version of SSL.
FileZilla Server itself treats SSL and TLS exactly the same, its part of the SSL library to decide what to use.
Using SSL encryption, the normal FTP traffic just gets tunneled through a SSL/TLS connection. The difference between implicit and explicit SSL is, that using implicit SSL, the SSL handshake will be done immediately upon connection, while using explicit SSL, the client has to tell the server with an ftp command to enable SSL, usually before sending the username and password.
Thus regardless of implicit or explicit SSL, the same data will be encrypted.
In addition to that, the client can tell the server whether the data channels for files and directory listings have to use SSL as well or not using the PROT command.
SFTP on the other hand is a completely different protocol based on SSH. Despite the name, it has nothing in common with FTP.
FileZilla Server itself treats SSL and TLS exactly the same, its part of the SSL library to decide what to use.
Using SSL encryption, the normal FTP traffic just gets tunneled through a SSL/TLS connection. The difference between implicit and explicit SSL is, that using implicit SSL, the SSL handshake will be done immediately upon connection, while using explicit SSL, the client has to tell the server with an ftp command to enable SSL, usually before sending the username and password.
Thus regardless of implicit or explicit SSL, the same data will be encrypted.
In addition to that, the client can tell the server whether the data channels for files and directory listings have to use SSL as well or not using the PROT command.
SFTP on the other hand is a completely different protocol based on SSH. Despite the name, it has nothing in common with FTP.
-
- 500 Command not understood
- Posts: 3
- Joined: 2005-04-02 21:20
Hi 'botg',
thank you very much for this in-depth-explanation! - I realise I was wrong regarding my understand of the implicit/explicit difference. Just one last question:
petit prince
thank you very much for this in-depth-explanation! - I realise I was wrong regarding my understand of the implicit/explicit difference. Just one last question:
In FileZilla Client "FTP over SSL (explicit mode)" and "FTP over TLS (explicit mode)" are two different options when you set up a new FTP account. Does your statement above mean that the choice between these two on the client's side doesn't make any difference as long as you connect to a FileZilla 0.9.6a Server? - Once again, thank you very much!botg wrote:FileZilla Server itself treats SSL and TLS exactly the same, its part of the SSL library to decide what to use.
petit prince
-
- 500 Command not understood
- Posts: 3
- Joined: 2005-04-02 21:20