FTP Over SSL (FTPS and FTPES)
- another way to secure FTP is to use TLS
- two means of configuring FTP over TLS:
- explicit TLS (FTPES)
- used the
AUTH TLS command to upgrade an insecure connection established over TCP port 21 to a secure one
- protects authentication credentials
- data connection for file transfer can be encrypted using
PROT command
- preferred method
- implicit TLS (FTPS)
- negotiate a TLS tunnel before the exchange of any FTP commands
- uses TCP port 990 for the control connection
- tricky to configure when there are firewalls between the client and server