Opened 21 years ago
Last modified 12 years ago
#2081 new Feature request
Add FW support for kerberised ftp
| Reported by: | mamoeller | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | FileZilla Client |
| Keywords: | Cc: | mamoeller | |
| Component version: | Operating system type: | ||
| Operating system version: |
Description
To allow kerberised ftp through a stateful firewall the (E)
PORT and (E)PASV command must be send in cleartext.
Can you add an option to allow the transfer of these
commands only as cleartext. There is an example
client/server implementation at
http://sourceforge.net/project/showfiles.php?
group_id=70951&package_id=70374&release_id=194711.
I know it lowers the security somewhat but is better
then opening all high ports on the firewall.
To support further Network Adress Translation on the
firewall channel binding as to be removed. Could you add
another option on the client/server to set the channel
binding to GSS_NO_CHANNEL_BINDINGs. The above
implementation has this implemented.
Thank you
Markus
