FTPS: Secure File Transfer Protocol over SSL
Standard FTP transmits data in plain text between your workstation and the
FTP server. CLASnet is planning to migrate its plaintext FTP service
over to use FTPS, which is, FTP over SSL. This is the same method that web
browsers use to encrypt data between your computer and secure
web sites.
Recommended Clients
We currently recommend the following clients, which are either freeware or are free for educational use:
Microsoft Windows 2000/XP: CoreFTP LE, which can be downloaded from:
Apple Macintosh OSX: SecureFTP, which can be downloaded from:
SSL Certificates
When the client contacts the server using FTPS, the server will present a certificate that the client will use to encrypt data with. You will need to accept this certificate in order to connect using FTPS.
CoreFTP will ask you to accept the certificate in this manner:
You can accept the certificate for that session only, or you can click on Always Accept, which will store a copy of the certificate on your local hard drive. Certificates are time limited - most have a 1 to 2 year lifespan. When the certificate on the server is renewed, you may need to delete the stored certificate on your computer. In CoreFTP, you do that by going to the Manage menu and choose "SSL Certificates":
From that screen, you can delete the old certificate that is stored.
SecureFTP's certificate acceptance screen:
Deleting old certificates that are stored in SecureFTP
SecureFTP doesn't have a menu option to allow you to delete stored certificates at this time, so if you need to delete them, here are some instructions to do it manually.
Certificates are stored in a file in a hidden directory in your Home directory. There are two ways to delete the file:
Method #1: Use the Find function in the Finder's File menu (or Command-F) to locate the cert.key file, and drag it to the trash can. Make sure that the file that you're deleting says that it is located in the Home directory\.secureftp folder.
Method #2: Open the Terminal application from the Utilities menu and type in the following:
cd ~home (press Enter)
cd .secureftp (press Enter)
rm cert.key (press Enter)
exit (press Enter to close the terminal).
Configuring your client to connect to the CLAS FTP server
Information for Core FTP LEInformation for Secure FTP
Core FTP
When you launch Core FTP LE, a Site Manager screen automatically appears prompting for information about the server that you want to connect to. Here is a graphic showing typical settings to connect to the CLAS Netware server.
- Important Settings in the above:
- AUTH SSL or AUTH TLS must be checked in the lower left corner.
- OpenSSL should be checked in the lower left corner.
- SSH/SFTP should not be checked. This is a different encryption method which isn't currently supported.
- We recommend leaving the "Don't Save Password" box checked.
- Optional settings in Core FTP LE
- To automatically change to a directory other than the default directory upon connecting to the server, click on Advanced, then choose Directory/Folder on the left side.
SecureFTP Pro
The Connections screen:
The Options screen:
Return to the How-to page
