Opened 11 years ago

Closed 9 years ago

#9359 closed Feature request (rejected)

Support CCC Command In FileZilla Server — at Version 2

Reported by: keving Owned by:
Priority: high Component: FileZilla Server
Keywords: Cc:
Component version: Operating system type:
Operating system version:

Description (last modified by Tim Kosse)

We would like to use FTPS to protect the login step only. We understand this only provides limited security but it does prevent the login and password from being stolen so it is better than plain unencrypted FTP.

Using CCC over full encryption also improves reliability when dealing with client side and server side routers / firewalls since the rest of the FTP communication can be followed / understood by them. This is extremely useful when you have no control over what hardware / software sits in-between the client and server.

Change History (2)

comment:1 by keving, 11 years ago

Type: Bug reportFeature request

comment:2 by Tim Kosse, 9 years ago

Description: modified (diff)
Resolution: rejected
Status: newclosed

CCC is insecure, it allows a man-in-the-middle to completely hijack the logged-in connection.

Note: See TracTickets for help on using tickets.