SSL/TLS/SSH,explicit FTP over TLS/implicit FTP over TLS/SFTP

作者:vkvi 来源:ITPOW(原创) 日期:2018-7-18


SSL,Secure Sockets Layer,安全套接层。

TLS,Transport Layer Security,传输层安全。TLS 实际上就是 SSL 的继任者,以前 SSL 由 Netscape 发明,后来 IETF 在 SSL 基础上发布新的版本,并换了个名字叫 TLS。

SSH,Secure Shell,安全外壳协议。SSL/TLS 是通讯链路的附加层,比如对 HTTP、FTP 附加。而 SSH 则不是附加,它是用来替换 telnet、ftp 的,注意不是附加。

Last comment: HTTPS does not extend SSL, it uses SSL to do HTTP securely. SSH does much more than SSL, and you can tunnel HTTPS through it! Just because both SSL and SSH can do TripleDES doesn't mean one is based on the other.

explicit FTP over TLS/implicit FTP over TLS/SFTP

explicit FTP over TLS,基于 TLS 的显式 FTP。

implicit FTP over TLS,基于 TLS 的隐式 FTP。

SFTP,SSH 文件传输协议,端口是 22。

FTP over TLS (Explicit)
Explicit security requires that the FTP client issues a specific command to the FTP server after establishing a connection to establish the SSL link. In explicit TLS the FTP client needs to send an explicit command (i.e. "AUTH TLS") to the FTP server to initiate a secure control connection. The default FTP server port is used. This formal method is documented in RFC 4217.

FTP over TLS (Implicit) - Deprecated
Implicit security is a mechanism by which security is automatically turned on as soon as the FTP client makes a connection to an FTP server. In this case, the FTP server defines a specific port for the client (990) to be used for secure connections. FTP over TLS Implicit has been deprecated and should no longer be used.