Page 1 of 1

FTP v SFTP

Posted: 22 Jun 2017, 14:33
by jelockwood
I am getting the impression that the Netatmo Presence only supports FTP and I believe DropBox but does not support SFTP.

This is a surprise, a disappointment and a concern. These days security especially in the category of IoT is a big issue and only supporting an inherently insecure protocol like FTP simply no longer makes sense.

Can anyone confirm whether it supports SFTP? If it does not could Netatmo please add support for this.

By the way, I am under the impression High Sierra no longer supports FTP for exactly these reasons.

Re: FTP v SFTP

Posted: 30 Jun 2017, 09:06
by Tech49
Hi, While we are at this subject could we enable FTPS as well?

My Qnap NAS does not seem to support FTP over SSH, at least not in the Web GUI. SSH into the NAS works fine but I want to stay clear from Command-line-Kung-Fu
It does support FTP over TLS (FTPS). There are differences in getting it operational but not in crypto strength once you choose the current technology.
The certificate authentication is a challenge but saying 'Yes' to a fingerprint in SSH session setup is just as scary.

For now I don't worry to much since all devices live on my private LAN but additional security options might be great.

Best regards.

Re: FTP v SFTP

Posted: 30 Jun 2017, 10:51
by jelockwood
Strictly speaking SFTP is not FTP over SSH it is a totally different protocol to FTP and yes it uses SSH. FTPS on the other hand is based on FTP and runs over SSL to add security, you can think of FTPS as being to FTP as HTTPS is to HTTP.

It is theoretically possible to run FTP over an SSH tunnel but this is not as mentioned SFTP and would require two steps - first creating an SSH tunnel, and then running normal FTP over it. Whilst this would be feasible for manual connections it would not be feasible for automating within a device like the Presence.

I have no problems with FTPS being added as well but SFTP is far more common than FTPS.