From Wikipedia, the free encyclopedia
Jump to: navigation, search

The mysterious vanishing Paul. I thought I'd put myself back in with the name under which I edited what seems like ages ago, but probably wasn't. Now there's a sentence crying out for an edit.

There is half-digested text about ftp and its secure cousins at the bottom of the page...

  • Somebody keeps requesting password resets for me - please stop it -Paul 11:02, 29 November 2005 (UTC)
  • It's getting ridiculous - twice this week, for instance. The latest request from Pick your own user ID, please! - Paul 20:44, 19 January 2006 (UTC)
  • And again - go away, children, please!

OK. The following attempts (for as far back as I have records) - let's see if there is a pattern:

  • at 2006-01-19 00:43 GMT (
  • at 2006-01-19 11:52 (
  • at 2006-02-01 09:10 (
  • at 2006-02-01 09:11
  • at 2006-02-01 09:11 - third time that day
  • at 2006-02-01 12:33 (
  • at 2006-02-05 00:41 GMT (
  • at 2006-02-08 14:46 (
  • at 2006-02-08 14:51
  • at 2006-02-08 15:00
  • at 2006-02-08 15:00
  • at 2006-02-08 15:01
  • at 2006-02-08 21:25 (
  • at 2006-02-09 21:23 (

Picture of the day
Osaka Castle

Osaka Castle is a castle in Chūō-ku, Osaka, Japan. Built from 1583 to 1597 by Toyotomi Hideyoshi, it played a major role in the unification of Japan during the sixteenth century of the Azuchi–Momoyama period. After Toyotomi died in 1598, control of the castle went to his young son, Hideyori, who was deposed by Tokugawa Ieyasu eighteen years later after a series of sieges. In 1868 the castle, still under control of the Tokugawa shogunate, fell to pro-imperial forces. Since then the castle has been rebuilt several times, most recently in the 1990s.

Photo: 663highland
ArchiveMore featured pictures...

Stuff wot I done wrote[edit]

What can I say. I edit stuff occasionally (often on computing, Ireland, gramer an speling). And I'm called Paul.

Some articles I've written or contributed significantly to include:

There are probably more - maybe even on interesting topics - but I can't seem to think of any right now.

Random comments :-)[edit]

Well, hello vanishing Paul;-) -- WojPob

Hi, Woj! -- Paul >:<

I think I need to reference this RFC [1].

FTP and Secure variants[edit]

Right now, this is just a set of notes for me... A disambiguation / introduction article might have less information than this. It might also have corrections.

There is a maze of file transfer protocols - especially when you start to look at secure ones. It's complicated by the way many of them use identical or similar names.

  1. FTP - the venerable and insecure file transfer protocol, uses 2 connections on different ports (20 & 21)
    • RFC 959 (with later extensions)
    • active mode: client tells server which port it is listening on, server connects from port 20 & exchanges file
    • passive mode: client asks server to pick a port, client connects to that port on server (works better with NAT)
  2. SSH file transfer protocol (files exchanged using ssh on port 22)
    • no RFC for this. Most widely used versions v3 & v4 (v6 was documented in an expired internet draft)
    • this is PROBABLY the one you want, for transferring files securely
    • sftp (by OpenSSH) is one client for this protocol
    • not to be confused with FTP over SSH, sometimes called Secure FTP (rare)
    • Secure File Transfer Protocol sometimes refers to SSH file transfer protocol (& sometimes to FTP over SSH)
    • compare with scp (secure copy, which is a simpler file copy protocol also run over ssh)
    • end to end security => harder to proxy/control/log at network perimiter (man in the middle proxies exist)
  3. FTP with SSL/TLS, (aka ftp-ssl, or ftps, or ftp secure) ?
    • RFC 4217 (uses same security standards/certs as secure https web traffic - server needs a certificate)
    • firewall issue - cannot snoop packets to determine what ports to open for ftp data channel
    • implicit security - deprecated, uses tcp ports 989 & 990.
    • explicit security - through new ftp AUTH command in RFC 2228, same ports as normal ftp
  4. FTP over SSH
    • because FTP uses multiple connections, it it trickier to use over ssh.
    • needs intelligence in the file transfer client or in the ssh client to ensure both connections are encrypted
  5. Secure File Transfer Protocol (secure FTP) is a confusing term
    • sometimes it refers to SSH file transfer protocol (2, above - possibly due to the latter's "sftp" client)
    • sometimes it refers to FTP over SSH (3, above)
  6. Simple File Transfer Protocol (rarely used)
    • RFC 913: uses port 115, ancient
    • this is a silly protocol. Don't go there.
  7. TFTP - Trivial FTP (insecure, simple, sometimes used for booting over network)
    • RFC 1350: via UDP
    • not useful for generalised file transfer


  1. ^ RFC 3696