[Zope] OT: ftp vs scp

jeffr@odeon.net jeffr@odeon.net
Tue, 12 Mar 2002 09:51:29 -0600 (CST)


 [snip]

>    FTP, on the other hand, has the advantages:
>
> 1. Interactiveness (directory listing).
> 2. Well-established.
> 3. Simple to implement.
> 4. Already there (in the Zope :)
>
> Oleg.


FTP has it's share of problems too.  Is your FTP server (i.e., Zope)
behind a firewall?  Are your clients on a different network (like mine
are) and behind their own firewall?  Are you using active or passive FTP
at the server?  Can your clients use either?

If your clients are all on the same network as your Zope server then
everything can be fairly simple, but trying to secure your network and
allow FTP access via the internet can be difficult.

Also, FTP sends all password information in clear text.  Unfortunately,
just about every (so called) WYSIWYG HTML editor supports FTP.  I have
great hopes for webdav.

The interactiveness is nice, but as someone else pointed out, FTP isn't
the only way to get that.

FTP is well established.  So is telnet.  That doesn't mean that I allow
telnet connections into my network.

FTP can be simple to implement, especially on nearly all Linux boxes.
This is actually part of the problem.  WUFTP (which Redhat ships with) is
seriously broken in terms of security.  ProFTPd is better, is easy to
configure for anyone familiar with Apache, and supports virtual hosting,
but it's still not a perfect FTP solution.  Zope does have a built in FTP
daemon, but I don't let any of my non-internal users connect to it.

I'm also not aware of a way to tunnel FTP through SSH.  It's the nature of
the protocol (multiple ports are used for a single client connection).
Admittedly, I haven't tried very hard.  If it is possible, I doubt I'd be
able to get my users to use it (who are all used to 'publish' in
Frontpage).

Webdav (with SSL) looks very promising.  If I thought I could get my users
to learn to use scp that would be good too.

Jeff