[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssl ftp

To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: ssl ftp
From: infosys5@xxxxxxx
Date: Tue, 5 Feb 2008 08:15:24 -0600
In-reply-to: <47A79CEB.1060909@xxxxxxxxxxxxxxxx>
List-help: <mailto:ftpapi-request@lists.scottklement.com?subject=help>
List-id: HTTPAPI and FTPAPI Projects <ftpapi.lists.scottklement.com>
List-post: <mailto:ftpapi@lists.scottklement.com>
List-subscribe: <http://www.scottklement.com/mailman/listinfo/ftpapi>, <mailto:ftpapi-request@lists.scottklement.com?subject=subscribe>
List-unsubscribe: <http://www.scottklement.com/mailman/listinfo/ftpapi>, <mailto:ftpapi-request@lists.scottklement.com?subject=unsubscribe>
Reply-to: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sender: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   Scott,
   Thank you for all the information provided, I'm on to the world of
   PACE, downloaded your article and see how far I can get.
   As for your comment "FTPAPI won't work.  FTPAPI does not do secure
   connections at all at this point.  If you want to write the code to
   add
   SSL support to it (and thus make it capable of 'ftps' communications)
   I'd welcome it, and would be happy if you contributed the code back to
   the project.".......if I could write this, I would be more than happy
   to share the code.  But since PACE will take care of my problem, I'll
   instead focus on that.
   Again, thanks for all your information, it has guided me to my next
   step.
   Diane

   Scott Klement <sk@xxxxxxxxxxxxxxxx>
   Sent by: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   02/04/2008 05:16 PM

                             Please respond to
        HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>

                                                                       To

   HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>

                                                                       cc

                                                                  Subject

   Re: ssl ftp

   There are two tools that are often referred to as "secure FTP".
   There's
   the standard FTP protocol running over SSL or TLS.  The standard
   abbreviation for this is 'ftps' (just as HTTP over SSL is 'https',
   like
   when you visit a secure web site, the URL starts with 'https://')
   Then
   there's a program named 'sftp' which isn't truly FTP, and doesn't use
   SSL.
   There's a protocol called Secure Shell (or "SSH" short for _S_ecure
   _SH_ell).  This is a tool that lets you do remote logons to a server
   (like Telnet, but encrypted and secure) and it also has facilities for
   doing tunnelling (sort of a poor man's VPN) and file transfer.   SSH
   provides two programs for file transfer.  One is called "scp" (Secure
   Copy -- basically it's the Unix cp ("copy") command, except that it
   works over a network and has encryption.)  the other is called "sftp"
   (Secure FTP).   SFTP is neither SSL nor FTP.  It's just a user
   interface
   that looks a lot like FTP.  Under the covers, it's actually using the
   SSH protocol for communications.
   You need to get clarification about whether you plan to use FTP over
   SSL
   (which is far less common in the broader industry, but maybe more
   common
   on iSeries, since it's been available longer) or whether you plan to
   use
   the 'sftp' tool which actually speaks the SSH protocol.
   In either case, FTPAPI won't work.  FTPAPI does not do secure
   connections at all at this point.  If you want to write the code to
   add
   SSL support to it (and thus make it capable of 'ftps' communications)
   I'd welcome it, and would be happy if you contributed the code back to
   the project.
   Alternately, you can use IBM's FTP client for 'ftps' support.  This is
   the regular 'FTP' command you get at a normal command-line.  It can be
   scripted to run in batch.  It's cumbersome, in my opinion, for
   program-driven stuff since your program can't react to any
   success/failures until after the entire script ends -- but it exists,
   and can be made to work.
   Or for 'sftp' (SSH) you can get 5733-SC1, which is OpenSSH for i5/OS.
   It's a free licpgm from IBM, and supports 'sftp', 'scp' and other SSH
   tools, but it runs in PASE, which may be uncomfortable if you're not
   used to Unix.  But it works very well, much better than 'ftps' if you
   need to traverse NAT or some other types of firewalls.
   I did write an article recently about using SSH ('sftp') from i5/OS if
   you're interested:
   http://www.systeminetwork.com/article.cfm?id=56131
   infosys5@xxxxxxx wrote:
   >    Scott,
   >    Let my clarify my first post, the ftp program is accessing the
   FTP
   >    Server.  When we switch to a new ISP provider, we will be
   accessing
   >    the FTP Server using sftp.    Our iSeries is at version V5R4 and
   I
   >    have been successfully using version 2.1 of the FTPAPI.  I
   haven't had
   >    any experience (as you can tell) with ssl or sftp - (thought all
   was
   >    the same......), ok - now knowing this, will my FTPAPI still
   work, or
   >    is there a "sftp" program that I will need instead?
   >    Many thanks for the reply.
   >    Diane
   ----------------------------------------------------------------------
   -
   This is the FTPAPI mailing list.  To unsubscribe, please go to:
   http://www.scottklement.com/mailman/listinfo/ftpapi
   ----------------------------------------------------------------------
   -

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

References:
- Re: ssl ftp
  - From: Scott Klement

Prev by Date: Re: ssl ftp
Next by Date: AW: ssl ftp
Previous by thread: Re: ssl ftp
Next by thread: New HTTPAPI Beta
Index(es):
- Date
- Thread