[squid-users] squid/ftps

From: <soltani_at_imad.fr>
Date: Thu, 21 Aug 2008 00:30:25 +0200

Hello all,

I have to do a job, but it seems kind of impossible. I have tried to gather fairly complete info to explain it.
First, the version is squid-2.5.STABLE14-1.4E.el4_6.2.i386.rpm
For now, I have this from #squid on freenode:

<imad> hello all, I have to do this: something in java --ftps--> squid --ftps--> vsftpd
<hno> imad: Then you need to abuse the CONNECT method to establish tunnels over the proxy.
<imad> for now, to be honest, I'm trying to understand what this "ftps" is .. :) ... by the way, why "abuse"?
<hno> ftps is SSL encrypted FTP.
<imad> yeah I know, but I always see sftp mentioned; ftps is kind of unusual
<hno> the abuse is because you need to open CONNECT to pretty much any port, when CONNECT is designed to only allow a very limited number of well known ports for security reasons.

And this is from a website:

FTPS (FTP-SSL) is a real ftp that uses TLS/SSL to encrypt the control session and if required the data session. With FTPS the control session is always encrypted, but the data session might not be. Why is this? Because with the control session encrypted the authentication is protected and you always want this (normal ftp uses clear text). If you are NOT pre-encrypting the file, you want the data session encrypted so that the file is encrypted while the data is in flight. However, if you are pre-encrypting the file then you do not need to have the data connection encrypted as you do not need to add the overhead of encrypting the data connection, since the file is already encrypted. Understand that SFTP is SSH file transfer and FTPS is FTP with SSL, FTPS is a file transport layer on top of SSL or TLS. The FTPS adds SSL-enabled FTP send and receive capabilities, uses the FTP protocol to transfer files to and from SSL-enabled FTP servers.

I know that ftps is not "usual". By the way, if someone has experience proxying ftps with squid or can explain why we can't do it, thanks for your answers.

IS
Received on Wed Aug 20 2008 - 22:30:34 MDT
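
The CONNECT port restriction hno describes, as an added squid.conf example that is not part of the original post or of any Squid-supplied file: it keeps the stock "well known ports only" rule and opens the extra ports toward a single FTPS server instead of toward any destination. The client subnet, the server address 192.0.2.10, implicit-FTPS port 990, the passive range 50000-50100 and the ACL names ftps_clients, ftps_server and ftps_ports are all assumptions.

```conf
# Added example; addresses, ports and the ftps_* ACL names are assumptions.

# Stock restriction: CONNECT tunnels only to well-known SSL ports.
acl SSL_ports port 443 563
acl CONNECT method CONNECT

# Assumed clients that are allowed to tunnel FTPS through the proxy.
acl ftps_clients src 10.0.0.0/255.255.255.0

# Assumed FTPS server (documentation address) and the ports it uses:
#   990          control connection (implicit FTPS)
#   50000-50100  passive data connections; must match
#                pasv_min_port / pasv_max_port in vsftpd.conf
acl ftps_server dst 192.0.2.10/255.255.255.255
acl ftps_ports port 990 50000-50100

# Too broad: dropping the "deny CONNECT !SSL_ports" line below would let
# any permitted client tunnel to any host on any port.

# Narrow: extra CONNECT ports only for these clients, only toward the one
# FTPS server. http_access is first-match, so this allow must come before
# the stock deny.
http_access allow CONNECT ftps_clients ftps_server ftps_ports
http_access deny CONNECT !SSL_ports
```

Fixing the passive range on the vsftpd side is what keeps the port ACL short; without it the data connections can land on any high port.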
