Transferring files across the network using the FTP protocol (RFC 959, and is defined to be added later) has its roots in 1980 when the first RFC for FTP protocol was published. FTP provides functions to upload, download and delete files, create and delete directories, read the contents of the directory. While FTP is very popular, has some disadvantages that it is difficult to use them. The main disadvantages are the lack of a common format for the directory listing (this problem was partially solvedThe introduction of MLST command, but is not supported by some servers)) and the presence of secondary connection (FTP Datalink. security is provided using SSL / TLS protocol for channel encryption as defined in RFC 2228 The secure version of FTP is called FTPS.
In UNIX systems another security standard has become. E 'state of the SSH family of protocols. The primary function of SSH was for remote shell access to UNIX systems secure. E 'was later extended with SSH FileTransfer protocol – first SCP (in SSH 1.x), then SFTP (SSH2 in). Version 1 of the SSH protocol is outdated, unsafe and not recommended for use in general. Consequently is no longer with SCP and SFTP gains popularity day by day.
"SFTP" abbreviation is often used incorrectly to a kind of Secure FTP, by which people mean the most, give FTPS. Another (similar) mistake is that SFTP is thought to some kind of FTP over SSL. In fact, SFTP stands for "SSH file transferProtocol ". This is not FTP over SSL and not FTP over SSH (which is also technically possible but very rare).
SFTP is a binary protocol, the latest of which is standardized in RFC 4253 All commands (requests) are packed binary messages and sent to the server, which replies with binary reply packets. In later versions of SFTP has been extended and offers not only the file upload / download operations, but also some file system operations, such as locked files, create a symbolic linketc.
Both FTPS and SFTP use a combination of asymmetric algorithms (RSA, DSA), symmetric algorithm (DES/3DES, AES, Twhofish etc.) and an algorithm for key exchange. Authentication FTPS (or, more accurately, SSL / TLS with FTP) uses X.509 certificates, while SFTP (SSH is the protocol used) SSH keys.
X.509 certificates contain the public key and some information about the holder of the certificate. This information can the part of others, to verify the integrity of the certificate andAuthenticity owners. Verification can be performed with the computer and to some extent by man. X.509 certificate has an associated private key is stored in the rule, regardless of the certificate for security reasons.
SSH key contains only a public key (the associated private key is stored separately). No information about the owner of the key. Nor, it contains information that can be a reliable and integrity checks of authenticity.Some SSH software implementations use X.509 certificates for authentication, but does not actually control the entire certificate chain – only use the public key (authentication is incomplete and, as a key authentication SSH does).
Here's the short list of pros and cons of the two protocols:
FTPS
Pro
Commonly known and used
Communication can be read and understood by humans
Provides services for server-to-serverFile Transfer
SSL / TLS has good authentication mechanisms (X.509 certificate features)
FTP and SSL / TLS is built into many Internet communication environment.
Cons:
Not a single format directory listing
Requires a secondary channel data, which makes it difficult to use behind the firewall
Not defined a standard for file name character set (encoding)
Not all FTP servers support SSL / TLS
They have a standard way, and editing the file andDirectory attributes
STP
Pro
Has good standards background, narrowly defined, most (if not all) of the operations
Has only one connection (no need for the data connection)
The connection is always guaranteed
The list of directories is a consistent and machine-readable
The Protocol provides for measures for the authorization and attribute manipulation, file locking and more functionality
Cons:
The communication is binary andcan not be registered "as is" for human reading
SSH keys are harder to manage and validate
The standards define certain things as optional or recommended for some compatibility problems between different software titles from several leading manufacturers.
No server-to-copy on the server and remove directories recursively
No built-in SSH / SFTP support and VCL. NET Framework
Choose what
As usual, the answer depends on what your goals and needs. Ingeneral, SFTP is technologically superior to FTPS. Of course it is a good idea to implement support for both protocols, but are different concepts commands supported and in many other things.
It 'a good idea to use FTPS when you have a server that must be accessible by their own devices (smartphones, PDAs, etc.) or by certain operating systems, FTP support, but they have SSH / SFTP client. If you are building your personal security solution SFTPprobably the best choice.
As for the client side are the requirements from the server (s), which is defined in the program to connect to. When you connect to Internet servers, SFTP and more popular, because it is not supported by Linux and UNIX.
For private guest host for the transfer, it is possible both SFTP and FTPS. For FTPS you would need a free FTPS client and server software or purchase a license for commercial research. To support SFTP, you can install the OpenSSH package, whichprovides free client and server software.
Developer Tools
If you are a software developer and must be made capable of transferring the files to your application, you will find components that work.
In. NET has built in support for FTPS inches NET Framework (see FtpWebRequest) class. However, the functionality of this class is very limited, especially in SSL / TLS aspect of control. . NET Framework does not support SSH or SFTP.
In VCL, youa selection of free components and libraries which provide FTP functionality. When you add OpenSSL, you can FTPS for free. If you do not want to deal with OpenSSL DLL, you can support one of the commercially available libraries for SSL and FTPS. Again, there are no freeware SFTP components VCL.
If you are a tool that allows you to use for ActiveX controls, you need to find commercial FTPS or SFTP controls. N. Free controls are available.
Friends Link : lcd tv jewelry gemstone Allinoneprinter
pichet