FTPS – Secure FTP Using SSL

One method supported by Robo-FTP to provide secure file transfers is referred to as FTPS.

FTPS is the union of regular FTP and the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols.

SSL is a protocol for encrypting and decrypting data across a secure connection from a client to an FTP site. The FTP site is responsible for sending Robo-FTP a certificate and a public key for encryption. If Robo-FTP recognizes and trusts the FTP site's certificate, an SSL connection may be established.

FTPS connections provide for the encryption of the FTP control channel (the pathway for user names, passwords, and FTP commands) only, the encryption of the FTP control channel and the FTP data channel (the pathway for the contents of files sent to and received from the FTP site), or encryption of the FTP data channel only after the logon to the server is complete.

At the very least, user names and passwords are never sent in the clear during an FTPS connection. Also, if so configured, all data passing from one side to the other is encrypted.

As a measure of added security, the FTP site may request a client certificate from Robo-FTP to ensure the identity of the client. If the FTP site recognizes and trusts Robo-FTP’s certificate, an SSL connection may be established.

There are two further distinctions of FTPS secure connections supported by Robo-FTP referred to as explicit (active) and implicit (passive) security.

In the case of explicit security, Robo-FTP issues a specific command to the FTP site after establishing a connection in order to establish the SSL link. The regular FTP port 21 is used.

In the case of implicit security, a secure connection is established as soon as Robo-FTP connects to an FTP site. The FTP site defines a specific port (defaults to 990) to be used for secure connections.

Robo-FTP utilizes the OpenSSL library to provide the authentication and encryption found in the SSL protocol. More about OpenSSL may be found online at www.openssl.org/.