Closed
Bug 85464
(ftps)
Opened 23 years ago
Closed 6 years ago
Support FTP over TLS/SSL (FTPS)
Categories
(Core :: Networking: FTP, enhancement, P5)
Core
Networking: FTP
Tracking
()
RESOLVED
WONTFIX
Future
People
(Reporter: lord, Unassigned)
References
(Blocks 1 open bug, )
Details
(Keywords: helpwanted, Whiteboard: [necko-would-take])
It would be nice to support SSL/FTP.
Updated•23 years ago
|
Keywords: helpwanted
Target Milestone: --- → Future
If you have any useful reading (RFC's, etc), please add them. QA could also use a list of servers you think we should test against.
Summary: Support SSL/FTP → [RFE] Support SSL/FTP
Comment 4•23 years ago
|
||
Do you know of any server which implements this?
I don't know whether this is the same. But I have a solaris server running which simply uses stunnel to encrypt all the ftp transfer. There are several clients which support this, like sftp on Linux and psftp (putty) for windows. I think for this kind of secure ftp, everything should be there already. The encryption is the same as for secure websites and we have ftp too.
Comment 7•23 years ago
|
||
No, stunnel is separate (although I guess it would be easy to support, for PASV at least)
*** Bug 130634 has been marked as a duplicate of this bug. ***
Comment 10•22 years ago
|
||
I have no time to work on mozilla at the moment, so dougt is taking over FTP open ftp bugs -> him
Assignee: bbaetz → dougt
Comment 11•22 years ago
|
||
Setting OS=All and adding (SFTP) to summary to catch searches.
OS: Windows 2000 → All
Summary: Support SSL/FTP → Support SSL/FTP (SFTP)
Comment 12•21 years ago
|
||
See the following link for URI spec. http://www.ietf.org/internet-drafts/draft-ietf-secsh-scp-sftp-ssh-uri-01.txt Do we want to support all three of these protocols? (SCP, SFTP, and SSH) Currently I use mostly SSH.
Comment 13•20 years ago
|
||
The last two comments are misleading. This bug is about FTP over SSL (FTPS). SFTP is file transfer via SSH. Also the bugs this bug is blocking are about the latter. So I'm removing them.
Summary: Support SSL/FTP (SFTP) → Support FTP over TLS/SSL (FTPS)
Comment 14•20 years ago
|
||
I know of one server that supports this (ftps/995): http://www.sambar.com. I use CuteFTP's ftps capabilities in combination with this server and can atest to its functionality.
Comment 15•20 years ago
|
||
(In reply to comment #4) > Do you know of any server which implements this? any server with openSSH installation will support scp/sftp by default on recent installations: <http://www.openssh.org/>
Comment 16•20 years ago
|
||
(In reply to comment #4) > Do you know of any server which implements this? here is a list of distros which ship with openSSH (and scp/sftp): <http://www.openssh.org/users.html>
Comment 17•20 years ago
|
||
Simon's comment doesnt address point 4 because it asks about SSL, not SSH. I personally would rather see the pure SSL implementation sooner than SSH. SSL is used much more widely, and is built-in to the server products, whereas SSH is frequently a tunnel that has to be configured on the server (and is in fact built on openSSL). SSL is also more "industry strength" when it comes to key management and tools (signing, CRLs, critical-subjects), IMO . Its also the standard for imap/pop servers, in addition to www and ftp. And its tight integration with those server types allows them to actually interogate the protocol, so that they can reject connections with too-low cipher stregth, or perform client-cert verification. This is a far cry from the other protocols passive-tunnel setups. If a day comes around though when ssh is integrated into Mozilla, cool. Hopefully its first for would be in a shell-component. :-) My vote remains for SSL/TLS.
Comment 18•20 years ago
|
||
Can we cahnge the summary to be Support FTP over TLS/SSL (FTPS) (*not* SFTP) I'm thinking it could prevent more naming errors like we have in the comments. As for servers which support ftps, try WU. Yeah! I think wu-ftpd does TLS. Now I just can't remember if the RPM I installed shipped with its own pem or if I had to regenerate something. Hmm. It may have been Just That Easy, though, just an RPM to set up a valid test-server. Shout if you want me to open it for testing from a certain IP.
Comment 19•20 years ago
|
||
Here is a very good resource page on FTPS: http://www.ford-hutchinson.com/~fh-1-pfh/ftps-ext.html
Comment 20•20 years ago
|
||
Stupid question: How come that currently tls isn't supported for ftp? For any other protocol that a transport level security extension exists for (http,nntp,pop,imap,ldap, ...), this is supported by mozilla (fortunately - forcing users to transmit cleartext passwords is really a bad thing), so I guess most of the necessary code must already be there. little side note - in general, the use of a separate port with implicit encryption is deprecated in favor of an explicit negotiation. With other protocols, the separate port is more widespread, but in the case of ftp servers, "AUTH TLS" seems to be the more established than the use of port 990 for an encrypted command channel.
Comment 21•19 years ago
|
||
FWIW, filezilla server (http://filezilla.sf.net) supports FTPS using TLS negotiation.
Comment 23•16 years ago
|
||
FTPS/FTPES-Support would be nice in Firefox and Thunderbird
Comment 24•16 years ago
|
||
This is really needed for a secure and convinient method way of file transfer.
Comment 25•16 years ago
|
||
Guys, random advocacy posts are going to fix this bug. All they do is make it harder for anyone trying to fix the bug to find any relevant posts within. https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
Comment 26•16 years ago
|
||
*sigh* are *not* going to fix this bug
Comment 27•15 years ago
|
||
I think firefox has ftps support in it because fireftp uses it. But it fails with vsftd servers: https://bugzilla.mozilla.org/show_bug.cgi?id=478322
Comment 28•15 years ago
|
||
Yes ftps support seems to be built in but the firefox GUI does not use it.... Anyway mozilla seems to no be concerned about that, The bug you show has not been solved since more than five months. The fix could have been part of ff35.............
Comment 29•12 years ago
|
||
The fix for bug 660749 won't change anything in FTP, so if/when we support ftps:// we will have to make a similar change.
Depends on: CVE-2011-0082
Updated•9 years ago
|
Whiteboard: [necko-would-take]
Comment 30•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
Comment 32•6 years ago
|
||
For 17 years this has been asked. Wow, that must be a record of some sort :) So is this going to be stale until such point as you decide to remove FTP support entirely, with how you've been adding a pref for FTP now?
Comment 33•6 years ago
|
||
I have a public vsftpd server implementing ftp and ftpes protocol. It is only accessible over IPv6, however: ftpes://lavender.qlfiles.net I can view it using ftpes URL if I am in FileZilla, but not from Firefox. I am, however, using Firefox ESR 52.7.3.
Blocks: https-everything
Comment 34•6 years ago
|
||
I think we should mark this bug as WONTFIX. We have a vague plans of deprecating FTP completely in Firefox, there is no point in adding more code in this area.
Flags: needinfo?(ckerschb)
Comment 35•6 years ago
|
||
(In reply to Tom Schuster [:evilpie] from comment #34) > I think we should mark this bug as WONTFIX. We have a vague plans of > deprecating FTP completely in Firefox, there is no point in adding more code > in this area. Yes, that sounds reasonable to me. Since we (sooner or later) would like to deprecate FTP completely, we should not add more code in that area to our codebase.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(ckerschb)
Resolution: --- → WONTFIX
No longer depends on: CVE-2011-0082
Comment 36•6 years ago
|
||
(In reply to Bradley Baetz (:bbaetz) from comment #4) > Do you know of any server which implements this? The npm `ftp-srv` package implements this, same with the npm `ftp` client package. - https://www.npmjs.com/package/ftp-srv#api - https://www.npmjs.com/package/ftp#methods
Alias: ftps
You need to log in
before you can comment on or make changes to this bug.
Description
•