Since an increasing number of my peers now distrust FTP for file transfers for almost anything but downloads I decided to find secure alternatives for the FTP servers I use most often.
Interestingly there are 4 methods of transfering files securely. The first two are variations of FTP, but using SSL – one uses it implicitly, the other explicitly. Then there’s SFTP, which as far as I can gather is a separate protocol, and SCP, which uses the
scp (secure copy) command in a SSH session.
There are 4 servers that I frequent. The first is the FTP server for this site, which only supports FTP over SSL Explicit. For this I use SmartFTP which supports standard unsecure FTP as well as both varieties of FTP over SSL.
The second is the FTP server for , for which I use SCP since we have shell access. The open source WinSCP is my weapon of choice here – despite the fact it uses SSH it actually works just like any other FTP client.
The other two are my University of Bradford user space and my School of Informatics web space at lamp.inf.brad.ac.uk . This is where it gets annoying, because despite there being 4 technologies at my disposal, none of them are supported. The web space has no secure file transfer capability at all. My user space does support SCP but WinSCP doesn’t like it – it throws an error message when it tries to view the contents of a folder. I’m guessing this is because it doesn’t understand the output of the
ls command that the server produces – the server runs on (I think) Solaris and uses the C-shell instead of bash which is what WinSCP may be expecting.
Either way, the very fact that one of those servers has no secure method of logging in is slightly annoying, and a bit of a security risk. Looks like I need to talk to the head of tech support in Informatics to see what they can set up.