FTP & SFTP Information

  • 12 Apr

    How-To use Implicit vs Explicit SSL/TLS in LimagitoX File Mover

    When we speak about “SSL“, it usually means “implicit” SSL/TLS. The client must negotiate an SSL/TLS session immediately upon connecting to the server’s port, before then reading the server’s already encrypted greeting or sending any encrypted commands. You’ll need to enable ‘Use Implicit SSL/TLS’ in the setup.

    When we speak about “TLS”, it usually wants “explicit” SSL/TLS. The client must not negotiate an SSL/TLS session immediately upon connecting to the server’s port. It must read the server’s unencrypted greeting first, and then later it can send an appropriate STARTTLS command (if the server advertises support for it) to ask for permission to then negotiate an SSL/TLS session before sending any further encrypted commands. You’ll need to enable ‘Use Explicit SSL/TLS’ in the setup.

    Default SSL/TLS Implicit vs Explicit Server Settings:

    POP3:
    Port 110: Explicit-TLS
    Port 995: Implicit-SSL

    IMAP:
    Port 143: Explicit-TLS
    Port 993: Implicit-SSL

    SMTP:
    Port 25: Unencrypted but could support Explicit-TLS
    Port 465: Implicit-SSL
    Port 587: Explicit-TLS

    If you need help, please let us know.

    Regards,

    Limagito Team

  • 11 Apr

    How-To use an X.509 Certificate for SFTP Public Key Authentication

    In version v2020.4.11.0 we added X.509 Certificate support for SFTP Public Key Authentication.

    Some FAQ:

    • SFTP authentication using private keys is generally known as SFTP Public Key Authentication. So we need a private key file in the SFTP Setup.
    • As default we first try to load the RSA/DSA private key from the file.
    • If this doesn’t work we’ll try to import the file as X.509 Certificate.

    Authentication with an X.509 certificate is possible in two modes:

    • Full: The certificate is sent to the server. This assumes the server can handle certificate authentication. Set ‘Cert Auth Mode’ to ‘Auto’ (= default).
    • Key-Only: Only the keypair is used. This works with servers that don’t support certificates. Set ‘Cert Auth Mode’ to ‘Raw Public Key’.

    X509 SFTP Public Key Authenticartion

    If you need any help, please let us know.

    Regards,

    Limagito Team

  • 12 Jan

    Gene6 FTP Server, Unaccepted server reply code 501

    We received  a 501 error message from a customer who was trying to connect to a Gene6 FTP Server:

    The solution was to add the following “Send Command(s) after connect:

    CLNT www.yourcompany.com

    CLNT command: Short for CLieNT = client identification to the FTP server

    LimagitoX-FTP-CLNT-Gene6

    If you need any help, please let us know.

    Regards,

    Limagito Team

1 2 3 4 5 6