How FTP, FTPS and SFTP work

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article explains how FTP, FTPS and SFTP work, and how the active and passive transfer modes of FTP differ.

A brief introduction to FTP, FTPS and SFTP

FTP

FTP (short for File Transfer Protocol) is an application-layer protocol used to transfer files between clients and servers on a computer network. A complete FTP setup consists of an FTP server and an FTP client; the client can upload local files to the server or download files from the server over the FTP protocol. It is one of the oldest file transfer protocols in use today and is a very convenient way to move files.

How FTP works

An FTP connection requires the FTP server and the client to establish communication over the network. Two different communication channels are set up for an FTP connection. One is the command channel, which carries commands and their responses. The other is the data channel, which carries the data exchanged between the client and the server.

When transferring files with FTP, users obtain permission to transfer files by providing credentials to the FTP server. Some public FTP servers do not require credentials to access their files, but they cannot guarantee the security of data transmission, and any unencrypted data transmission over a public network is very dangerous. To protect data in transit, two protocols grew out of FTP: FTPS and SFTP.

FTPS

Next, Ergouzi looked further and found that FTPS has two modes, FTPS implicit SSL and FTPS explicit SSL, both of which encrypt with SSL. So what is the difference between the two?

FTPS implicit SSL: this mode usually runs on port 990. In this mode, all data exchange requires an SSL session to be established between the client and the server, and the server rejects any connection attempt that does not use SSL.

FTPS explicit SSL: in explicit mode, the server can support both FTP and FTPS sessions. The client first establishes an unencrypted connection with the FTP server and, before sending the user credentials, sends the AUTH TLS or AUTH SSL command to ask the server to switch the command channel to an SSL-encrypted channel. Only after that channel is successfully established does the client send the user credentials to the FTP server, so that every command for the rest of the session is automatically encrypted through the SSL channel.

To summarize quickly: when implicit mode is enabled, the default FTP port changes to TCP/990, the server establishes a secure connection automatically, and the client must support secure connection mode, that is, it must connect using SSL. When explicit mode is enabled, the connection and default port are the same as for plain FTP, but the secure connection must be activated with an AUTH SSL/TLS command before data can be transferred properly.
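The ordering requirement of explicit mode (AUTH before credentials) can be checked mechanically over a logged command channel. The following is an added example, not code from the original article; the function name, the transcript format and the three sample sessions are constructed for illustration, and it models explicit mode only (an implicit-mode session is encrypted before any command is sent).

```python
# Added example: audit a logged FTP command channel for credentials sent
# outside SSL/TLS. The transcripts below are constructed, not real captures.
AUTH_ACCEPTED = "234"  # reply code: server accepts AUTH, handshake follows

def audit_control_channel(transcript):
    """transcript: list of (direction, line); "C" = client, "S" = server."""
    findings = []
    auth_pending = False  # AUTH sent, reply not yet seen
    encrypted = False     # command channel has switched to SSL/TLS
    for direction, line in transcript:
        parts = line.split()
        word = parts[0].upper() if parts else ""
        if direction == "C":
            if word == "AUTH":
                auth_pending = True
            elif word in ("USER", "PASS") and not encrypted:
                findings.append(f"{word} sent in cleartext")
        elif auth_pending:
            # First server reply after AUTH decides whether the upgrade happened.
            auth_pending = False
            if word == AUTH_ACCEPTED:
                encrypted = True
            else:
                findings.append(f"AUTH refused ({word}); session stays plain FTP")
    return findings

# Explicit FTPS done correctly: AUTH TLS is accepted before USER/PASS.
EXPLICIT_OK = [
    ("S", "220 Service ready"), ("C", "AUTH TLS"),
    ("S", "234 Proceed with negotiation"), ("C", "USER alice"),
    ("S", "331 Password required"), ("C", "PASS example-password"),
    ("S", "230 Logged in"),
]
# Plain FTP: no AUTH at all, so both credential commands are exposed.
PLAIN_FTP = [
    ("S", "220 Service ready"), ("C", "USER alice"),
    ("S", "331 Password required"), ("C", "PASS example-password"),
]
# Server refuses AUTH and the client logs in anyway instead of aborting.
AUTH_REFUSED = [
    ("S", "220 Service ready"), ("C", "AUTH TLS"),
    ("S", "502 Command not implemented"), ("C", "USER alice"),
    ("S", "331 Password required"), ("C", "PASS example-password"),
]

if __name__ == "__main__":
    for name in ("EXPLICIT_OK", "PLAIN_FTP", "AUTH_REFUSED"):
        print(name, audit_control_channel(globals()[name]))
```

The third session is the case worth alerting on: because an explicit-mode server also accepts plain FTP, a client that does not insist on the upgrade falls back to cleartext without any visible error.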

SFTP

Finally, let's take a look at SFTP, which stands for Secure File Transfer Protocol.

If FTPS adds a layer of SSL to the FTP protocol, SFTP is instead built on the network protocol SSH (Secure Shell) and is completely different from the FTP described earlier. SFTP does not use separate command and data channels; data and commands are transmitted over a single connection in specially formatted packets.

SFTP provides two ways to authenticate the connection.

As with FTP, you can authenticate with just a user ID and password when connecting. Unlike FTP, however, these credentials are encrypted, which is the main security advantage of SFTP.

In addition to a password, the connection can also be authenticated with an SSH key and then made over the SFTP protocol.

After learning about these protocols, Ergouzi can use the FTP client tool more easily. He can change the protocol and encryption method to suit his needs, without worrying about a setting he does not understand.

However, a new question arises. In the transfer settings, Ergouzi sees a transfer mode option that can be set to active or passive. What does that mean? Not understanding it, he opened Google again.

The difference between active mode and passive mode in FTP software

Active mode

Generally speaking, the default mode of FTP is active mode, also known as port mode.

It works in two steps:

First, a random port on the client establishes a command channel with FTP port 21 on the server. The client then sends the PORT command, which specifies the client port the server should connect to in order to establish the data channel.

The server then connects from port 20 to the client port specified for the data channel. Once a connection is established, files can be transferred through these client and server ports.

Passive mode

In the transfer mode setting, you can also switch manually to passive mode. In this mode, the client first connects from random port A to port 21 on the server to establish the command channel, and issues the PASV command to tell the server that this is a passive-mode connection. The server then opens a random port for data transfer, and the client establishes the data channel to it from random port B, which is different from the port the command was issued on, for file transfer.

The difference between passive mode and active mode is which side initiates the data connection. In active mode, after the client establishes the command channel, the server initiates the data connection to the client. In passive mode, after the command channel is established, the client initiates the data connection to the server.

This difference determines the advantages and disadvantages of each mode. Active mode makes the FTP server easier to manage, because the server only needs to allow inbound connections on port 21 and outbound connections from port 20. However, because the client port that the server connects to is random, the connection may trip the client's firewall or be blocked by it outright. Passive mode, on the other hand, makes the client side easier to manage.
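To make the direction of the data connection concrete, here is an added example (not from the original article) that decodes the address field carried by a PORT command or a PASV reply and reports who connects to whom. It goes slightly beyond the text by using the RFC 959 `h1,h2,h3,h4,p1,p2` encoding and the 227 reply code, which the article does not spell out; the function names and sample addresses are constructed.

```python
# Added example: decode the endpoint in a PORT command or a 227 (PASV) reply
# and derive the firewall-relevant facts about the data connection.
import ipaddress
import re

# Six comma-separated decimal bytes: four for the address, two for the port.
_ENDPOINT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def decode_endpoint(text):
    """Return (host, port) from an h1,h2,h3,h4,p1,p2 field."""
    match = _ENDPOINT.search(text)
    if not match:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field found")
    nums = [int(n) for n in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field value out of byte range")
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return str(host), nums[4] * 256 + nums[5]

def data_connection(line, client_ip, server_ip):
    """Describe the data connection announced on the command channel.

    client_ip / server_ip are the two ends of the command channel.
    """
    host, port = decode_endpoint(line)
    active = line.strip().upper().startswith("PORT")
    # In active mode the client names its own endpoint; in passive mode the
    # server does. Either way it should be the command-channel peer address.
    expected = client_ip if active else server_ip
    return {
        "mode": "active" if active else "passive",
        "initiator": "server" if active else "client",
        "target": (host, port),
        "address_matches_peer": host == expected,
        "privileged_port": port < 1024,
    }

if __name__ == "__main__":
    client, server = "192.0.2.10", "198.51.100.5"  # constructed addresses
    for line in (
        "PORT 192,0,2,10,195,80",
        "227 Entering Passive Mode (198,51,100,5,234,96)",
        "PORT 203,0,113,7,0,22",  # names a third host and a low port
    ):
        print(line, "->", data_connection(line, client, server))
```

A server or firewall that tracks FTP sessions can refuse or flag an announced endpoint whose address does not match the command-channel peer or whose port is below 1024; in passive mode a mismatch usually points to a server advertising the wrong address from behind NAT.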

At this point, you should have a deeper understanding of how FTP, FTPS and SFTP work. You might as well try it out in practice.
