Home Products Services Company Support Contact
Overview
Features
Documentation
History
Trial Download
Purchase
FAQ
Support
Products
edtFTPj FAQ

1. What type of secure FTP does edtFTPnet/PRO support?

There is considerable confusion when using the term "secure FTP". There are two different types of secure file transfer protocols available.

Firstly, there is an enhancement to standard FTP (as defined in RFC 959), which uses the same FTP commands (and protocol) over secure sockets, i.e. over SSL/TLS. This is implemented by edtFTPnet/PRO. This is variously known as FTPS, FTP-SSL, and FTP-over-SSL. There are many FTP servers that support FTPS.

There is also another protocol, unfortunately known as SFTP, which also provides secure file access, but which is not related to the standard FTP protocol. This is implemented using SSH (Secure SHell), a suite of secure network connectivity tools (when used with SSH2 this is known as SFTP). The primary purpose of SSH is to enable users to remotely log into a machine over a secure connection. The two protocols are completely different and not related. For a comparison see the FTPS vs SFTP FAQ below.

2. SFTP vs FTPS - which is better?

As already noted, SFTP is built on SSH2, while FTPS is standard FTP over an SSL connection. FTPS has a number of advantages over SFTP.

Security. Standard SSH provides a secure remote shell for the user, and includes a command called SCP (secure copy) which is used to implement FTP-like features in SFTP. The problem arises when you want to allow client SFTP access on a server but not SSH access. This is possible but very tricky (see SSH: The Definitive Guide). So if you are not very careful when you set up your servers, users on machines with the SFTP client installed will be able to use an SSH client to log into the server and execute commands. This is not a problem with FTPS.

Flexibility. FTPS is a straight-forward extension to an existing FTP infrastructure. It is supported by most commercial servers and many open source servers (e.g. wu-ftpd and proftpd), so enabling FTPS on a server is usually just a matter of adding a few configuration options. There is no need to run additional servers since FTPS servers invariably also support FTP. There is also no need to open additional ports in firewalls since FTPS uses the same ports as FTP.

Certificates. SFTP uses keys rather than certificates. This means that it can't take advantage of the "chains of trust" paradigm facilitated through Certificate Authorities. This paradigm makes it possible for two entities to establish a trust relationship without directly exchanging security information, which is important for some applications. FTPS uses certificates and therefore can take advantage of this paradigm. SFTP clients must install keys on the server.

3. What is the difference between SSL and TLS?

SSL is short for Secure Sockets Layer, and is a protocol designed and implemented by Netscape. Version 3.0 of SSL was used as the basis for the Transport Layer Security (TLS) standard, version 1.0 (defined in RFC 2246, The TLS Protocol Version 1.0). The differences between SSL 3.0 and TLS 1.0 are not substantial, but the two protocols do not interoperate. TLS does, however, support a mechanism to back down to SSL 3.0. edtFTPnet/PRO supports TLS 1.0. We generally use the term "SSL" interchangeably with "TLS", as SSL is more commonly known.

4. Does IIS support FTPS?

No, Microsoft's Internet Information Server (IIS) does not currently support FTPS, but our completely free FTP server, edtFTPD, does.

5. What FTPS servers does edtFTPnet/PRO support?

Most are supported. We are compiling a list of tested servers.

6. Can edtFTPnet/PRO be used for standard FTP, without using FTPS?

edtFTPnet/PRO operates as a normal FTP client until you call the auth() method. See the examples for sample code to get started.

Legal Notice