IETF-SSH archive


RE: SFTP File open modes




> -----Original Message-----
> From: Derek Fawcus [mailto:dfawcus%cisco.com@localhost]
> Sent: Thursday, March 28, 2002 12:22 PM
> To: ietf-ssh%netbsd.org@localhost
> Subject: Re: SFTP File open modes
> 
> 
> On Thu, Mar 28, 2002 at 11:35:17AM -0500, Richard Whalen wrote:
> > 
> > A wire format for textual data was defined as far back as RFC 959 (FTP) (and
> > probably further).  Yes, text has been expanded these days to allow a wider
> > character set, and some considerations for this should be made.  But the
> > bulk of the textual data sent these days is done with a character set that
> > uses an 8 bit unit.
> > 
> > My employer's customers expect SFTP to provide functionality similar to what
> > is provided by FTP, with the added security of encryption and improved
> > authentication methods. The protocol that is currently defined is not
> > capable of providing that functionality.
> 
> Rather than turn SFTP into a version of FTP,  I'd suggest that a way be
> documented to run FTP over SSH.
> 
> i.e. a SSH session connection would serve as the FTP control connection
> (port 21?),  and additional SSH connections would be opened for each
> FTP file transfer connection (port 20?).
> 
> This would then just seem to just involve a few hacks to an FTP client
> and server in order to run them over SSH.
> 
> DF
> 

F-Secure's implementation of SSH includes an optional filter module for port
forwarding of FTP and HTTP, which I have not experimented with.

Yes, port 21 is FTP's command channel, but 20 is seldom used as the data
channel these days, and the module has code in there to intercept the
information about what the data port should be and to substitute another (I
assume encrypted) port.
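
Added example, not part of the original message and not F-Secure's code: a sketch of the control-channel rewriting such an FTP-aware forwarding filter has to perform, replacing the data endpoint announced in a PORT command or a 227 (PASV) reply with a forwarded one. The `open_forward` callback, the function names and the sample addresses are assumptions constructed for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 tuple used by PORT (RFC 959) and by 227 PASV replies.
_HOSTPORT = re.compile(r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")


def decode_hostport(text):
    """Return (ip, port) from the first h1,h2,h3,h4,p1,p2 tuple, or None."""
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def encode_hostport(ip, port):
    """Inverse of decode_hostport: the port is sent as two decimal octets."""
    return "{},{},{}".format(ip.replace(".", ","), port >> 8, port & 0xFF)


def rewrite_control_line(line, open_forward):
    """Point a PORT command or 227 reply at a forwarded endpoint.

    open_forward(ip, port) is a hypothetical callback that sets up a tunnel
    to the announced endpoint and returns the (ip, port) the peer should
    connect to instead. Any other control line is returned unchanged.
    """
    body = line.rstrip("\r\n")
    eol = line[len(body):]
    if not (body.upper().startswith("PORT ") or body.startswith("227 ")):
        return line
    target = decode_hostport(body)
    if target is None:
        return line  # malformed tuple: pass through and let the peer reject it
    m = _HOSTPORT.search(body)
    new_ip, new_port = open_forward(*target)
    return body[:m.start()] + encode_hostport(new_ip, new_port) + body[m.end():] + eol


if __name__ == "__main__":
    # Constructed sample: the server announces 10.0.0.5:50000 for the data
    # connection; the filter substitutes a local forwarded port.
    reply = "227 Entering Passive Mode (10,0,0,5,195,80)\r\n"
    print(rewrite_control_line(reply, lambda ip, port: ("127.0.0.1", 2121)), end="")
```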


