Home
Features
Download
Buy
FAQ
Documentation
Support
Contact
Bermin Software


Support for secure FTP over SSL/TLS

Protect your data
The FTP client in MobyExplorer supports secure FTP using SSL/TLS, which is also known under the name FTPS. SSL/TLS is most widely known as the protocol that provides secure HTTP (HTTPS) for internet transactions between Web browsers and Web servers, but is also used in many other applications to provide completely secure communication.

Please note that in order to use FTPS, the FTP server must be configured to support FTPS. Please go here for information on how to set up FTPS .

FTPS provides security on three different levels: confidentiality, authentication, and data integrity.

Confidentiality
Normal FTP do not have any mechanism to protect the information that is exchanged between the client and the server. All data is sent as clear text. This includes both user and password information, as well as files. A person snooping on the data transmission can easily pick up user names and passwords, and use these to log in to the the FTP account.

SSL/TLS uses strong symmetric data encryption to protect all data send on the SSL/TLS channel. Both control information, such as user names and passwords, as well as files sent both ways between the server and the client, can be encrypted.

Strong authentication
Normal FTP provides client authenication by means of a user/password mechanism. Normal FTP does not have any mechanism to authenticate the server, which means there is no way for the client to be sure that the server really is who it claims to be. The client could be sending his user/password to a bogus server posing as the FTP server.

FTPS provides server authentication by means of a cryptograhic server certificate which is sent to the client at connection time. The client then verifies the certificate using his store of trusted root certificates.

FTPS also has optional support for client authentication using client certificates in the same way as server authentication. This is not widely used however, since (as long as the connection is encrypted) the client user/password mechanism provides client authentication.

Data integrity

SSL/TLS also provides mechanisms for making sure that the data received is correct and identical to the data that was sent from the other end.

Back
© 2007 Bermin Software