-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Greg Wooledge wrote:
> On Fri, Jan 10, 2020 at 02:29:51PM -0000, Dan Purgert wrote:
>> SFTP (SSH) has basically zero to do with RFC959 FTP; and provided that a
>> target host already allows SSH logins, SFTP is quite likely already
>> there. I'm actually surprised a hosting party would recommend RFC-959
>> FTP at all (SSL or no); as it requires extra work to set up (FTP servers
>> usually aren't part of "base" install images, they're
>> insecure-by-default and take a bit of effort to secure, and so on).
>
> I'm holding out hope that it wasn't really the hosting provider's
> recommendation, but rather a lack of information on the part of the user,
> that caused them to think FTP was the way to go.
I read Nate's response as "the provider told me to use 'secure ftp'" --
as in a small (yet easily made) terminology mistake, along the lines
that SSH is "secure shell" or scp is "secure copy" - so obviously 'sftp'
is "secure ftp". And then when Nate went and checked it out, he found
"Secure FTP" is ... well ... FTP over SSL.
There's a great commentary on FTP at
http://mywiki.wooledge.org/FtpMustDie [1]
Helped me out a fair bit when I was still getting my feet wet with "file
transfers" for servers I finally was in control of (previously having
only been a user of someone else's services).
[1] I'm 98% sure this was already mentioned / linked, but it can't be
said enough.
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4YkYIACgkQjhHd8xJ5
ooEMmwgAifKnzPBHE0MT7Pc6wAGWQZhntrFmO3szsbnJiXB1XA6P6Z2zKEanwCLE
kOOquBNTp3FULBMQ2NhFRfms4Oe0KTv7KHSEjUVYSgHBk/JQlw4qi89a9d7V3LL6
J6EiYHKl/iOhh9wctoDjiVog6JUs24IXedUmTeLiThqrO36Q854Z1PoydVE5OCm8
UMPBhyKnilu8MVG448fqUnahGEi/A5KT81N4uOgAn80YkhQLRGGgOdeYNGM9hC8p
G0eA/Tn0CRdVOpcu4ak7lyVRfQAakFjPEXHQoGHAknoKr/buQasixG37dXUB59LQ
rjdJ+ov8KRdh5TsaNyMOpJOYKegaxg==
=iOpR
-----END PGP SIGNATURE-----
--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281
