WinSCP - explicit FTP over TLS

Support for developers of new plugins, third-party plugin announcements and discussions.
Posts: 2
Joined: 13 Dec 2011, 12:33

WinSCP - explicit FTP over TLS

Post by michalesku » 13 Dec 2011, 12:55

is there any plan to release newer version of WinSCP for Altap Salamander? The most recent version 1.6.5 (build 87) uses WinSCP version 4.2.8, but I need to connect to my provider's FTP server via explicit FTP over TLS, not FTPS over SSH. Now, the only possible client for me is FileZilla, but I'd like to use Salamander's plugin.
Thank you.
Michal Karsay

Jan Rysavy
Posts: 5197
Joined: 08 Dec 2005, 06:34
Location: Novy Bor, Czech Republic

Re: WinSCP - explicit FTP over TLS

Post by Jan Rysavy » 13 Dec 2011, 17:38

Michal, please use FTP Client plugin. FTPS is supported there.
Let us know if you find any problem.

Posts: 2
Joined: 13 Dec 2011, 12:33

Re: WinSCP - explicit FTP over TLS

Post by michalesku » 13 Dec 2011, 18:04

But I don't need FTPS, I need explicit FTP over TLS, because the server is so configured.

User avatar
Posts: 465
Joined: 29 Mar 2006, 02:41
Location: DE

Re: WinSCP - explicit FTP over TLS

Post by SvA » 13 Dec 2011, 19:02

Wikipedia wrote:FTPS should not be confused with the SSH File Transfer Protocol (SFTP), an incompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is also different from Secure FTP, the practice of tunneling FTP through an SSH connection.
Please have a look at the advanced connection options
Altap Salamander Help (F1) wrote:Encrypt control connection with TLS/SSL
Encrypt data connection (file transfers and directory listings) with TLS/SSL
Communication over the FTP protocol uses one control connection to transfer commands and login information. Then there are several data connections, each is used exactly for one transfer (in any direction) of one file or directory listing.
The FTP plugin supports secure TLSv1/SSLv3 encryption using the AUTH TLS command specified in the RFC 4217 document. This way of encryption is sometimes called FTPES, i.e. FTP with Explicit SSL, but generally it is called FTPS, i.e. FTP-SSL. If the server supports it (public servers usually don't), the plugin can encrypt the communication. You can choose whether you wish to encrypt the control connection only (to hide your password) or also the data connections (to hide everything). These two check boxes are enabled only on Windows 2000 and later systems because FTPS is not supported on older systems.
Does this bring some light into it?

Posts: 4
Joined: 28 Jan 2006, 08:21

Re: WinSCP - explicit FTP over TLS

Post by wqw » 22 Jun 2013, 10:42

Salamander's FTP plugin seems to support only explicit FTPS, that is the client connects on port 21 and send AUTH TLS to switch to encrypted control channel *and* data channel (no option to use SLL on control channel only like curl's --ftp-ssl-control). Explicit FTPS is more compatible with legacy clients that use port 21 for ftp anyway.

The FTP plugin does not support implicit FTPS when the client connects on port 990 and the connections is always encrypted much like HTTPS on port 443. This mode is setup with TLSOptions UseImplicitSSL for ProFTPD on the server.


Post Reply