Opened 15 years ago

Last modified 7 years ago

#2081 new Feature request

Add FW support for kerberised ftp

Reported by: mamoeller Owned by:
Priority: normal Component: FileZilla Client
Keywords: Cc: mamoeller
Component version: Operating system type:
Operating system version:

Description

To allow kerberised ftp through a stateful firewall the (E)
PORT and (E)PASV command must be send in cleartext.
Can you add an option to allow the transfer of these
commands only as cleartext. There is an example
client/server implementation at
http://sourceforge.net/project/showfiles.php?
group_id=70951&package_id=70374&release_id=194711.

I know it lowers the security somewhat but is better
then opening all high ports on the firewall.

To support further Network Adress Translation on the
firewall channel binding as to be removed. Could you add
another option on the client/server to set the channel
binding to GSS_NO_CHANNEL_BINDINGs. The above
implementation has this implemented.

Thank you
Markus

Change History (1)

comment:1 Changed 7 years ago by Alexander Schuch

Component: OtherFileZilla Client
Note: See TracTickets for help on using tickets.