How secure is the FTP facility in OS X?
- Thread starter Dazzla
- Start date
scruffy
Notorious Olive Counter
FTP is as secure as your passwords and the network you're transferring over. Since that probably means the public internet, not very.
A better approach, if the campus facilities allow, would be to just turn on ssh. Then, you can use sftp - it behaves very much like ftp from a user's point of view, except it's encrypted for a higher level of security.
If you have unix boxes on campus, everything's good, they're bound to have sftp. If it's just Windows, you could see about puTTY - it's only a couple hundred Kbytes, and there's a companion program called puTTYsftp or some such. As long as you're allowed programs on your home directories, it shouldn't put you over your disk quota...
A better approach, if the campus facilities allow, would be to just turn on ssh. Then, you can use sftp - it behaves very much like ftp from a user's point of view, except it's encrypted for a higher level of security.
If you have unix boxes on campus, everything's good, they're bound to have sftp. If it's just Windows, you could see about puTTY - it's only a couple hundred Kbytes, and there's a companion program called puTTYsftp or some such. As long as you're allowed programs on your home directories, it shouldn't put you over your disk quota...
adambyte
Registered
So, sftp is more secure than ftp. Makes sense. However, there's no checkbox for that in the the "File Sharing" panel. How would one go about enabling sftp? Hopefully it's not TOO hard?
Also... if you turn on the "Allow Remot Login" thing in the "File Sharing" panel, and use the command line... isn't THAT secure, because you can use "ssh" to access your computer?
[localhost:~] adam% ssh 131.215.86
adam@131.215.86's password:
Welcome to Darwin!
[blacker-191:~] adam% ls
Desktop Documents Library Movies Music Pictures Public Sites
... :-D Raise your hand if you love UNIX underpinnings!
Also... if you turn on the "Allow Remot Login" thing in the "File Sharing" panel, and use the command line... isn't THAT secure, because you can use "ssh" to access your computer?
[localhost:~] adam% ssh 131.215.86
adam@131.215.86's password:
Welcome to Darwin!
[blacker-191:~] adam% ls
Desktop Documents Library Movies Music Pictures Public Sites
... :-D Raise your hand if you love UNIX underpinnings!
nkuvu
Gone
Take a look at this:
I had FTP enabled in the Sharing preferences, btw. But what I think is interesting is that sftp is using ssh to connect. So I'm thinking that sftp is just as secure as ssh because it is ssh.
I then turned on Allow Remote Login, and with FTP enabled I can sftp into localhost. So that's how you enable it.
BTW, I had to acknowledge the
"The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is yada yada yada.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts." message...
Code:
[Aliens:~] nkuvu% sftp localhost
Connecting to localhost...
[color=green]ssh[/color]: connect to address 127.0.0.1 port 22: Connection refused
Connection closedI had FTP enabled in the Sharing preferences, btw. But what I think is interesting is that sftp is using ssh to connect. So I'm thinking that sftp is just as secure as ssh because it is ssh.
I then turned on Allow Remote Login, and with FTP enabled I can sftp into localhost. So that's how you enable it.
BTW, I had to acknowledge the
"The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is yada yada yada.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts." message...