SSH and SSL encryption for FTP connections
This TechNote introduces some of the concepts associated with secure FTP authentication and secure connections. Secure authentication usually involves using an encryption method, such as the Secure Shell protocol (SSH). Although there are currently many kinds of protocols and encryption methods in use, this TechNote focuses on two of the most frequently requested protocols.
Important: This TechNote will not be beneficial for Dreamweaver MX 2004 customers, as Dreamweaver MX 2004 now includes Secure FTP (SFTP) capabilities, supporting the OpenSSH 3.5p1 protocol to transfer usernames and passwords securely across the network. In addition, SFTP in Dreamweaver MX 2004 encrypts file content during transfers. Unlike Dreamweaver MX's implementation of FTP over SSH, Dreamweaver MX 2004's implementation of SFTP requires no special configuration beyond selecting the SFTP option in the site definition dialog box.
Lack of security in FTP transfer
The Internet is not a secure environment. Telnet, FTP and email all send your username and password in clear, unencrypted text. When you transfer a file to a remote machine, the information is not sent directly to that machine; it is routed through several machines to get there. Anyone along the route can access what you are sending, including your username and password. If this information falls into the wrong hands, your account and the remote system you have access to may no longer be secure.
Enhancing Dreamweaver's FTP client
The Dreamweaver FTP client transfers files using the FTP protocol. Although Dreamweaver MX and earlier do not provide options for secure encryption, third-party software can be used to provide additional security.
Note: If you are unsure about which encryption protocol you should use, contact your Server Administrator or your Internet Service Provider for additional information. If you need additional information about your third-party product, consult the product's manufacturer, the manufacturer's website, or the software documentation.
Below you'll find a description of two protocols that offer additional security beyond FTP:
Secure Sockets Layer (SSL)The SSL protocol was developed by Netscape to allow the secure transfer of files. If your connection to the remote server requires that you use this protocol, you will not be able to use Dreamweaver's FTP client. You can still use Dreamweaver to create local sites, but will have to transfer those sites to the remote server using a separate client. An example of a third-party client using the SSL protocol is WS_FTP.
Secure SHell protocol (SSH)SSH is a protocol that will allow you to log in to other computers across a network and move files or execute commands. Using an SSH client, it is possible to create a secure tunnel that protects Dreamweaver's FTP authentication, making it secure.
See Connect to a remote server for more information.
Note: When choosing a client, make sure to choose a program that allows port forwarding. Port forwarding must be activated and configured within the chosen client. This feature is crucial to creating SSH tunnels. Please consult the documentation for the SSH client for instructions. Putty SSH client enables port forwarding.
To learn more about secure authentication and SSH, consult:
- The PuTTY FAQ.
- SSH: The Secure Shell: The Definitive Guide, by Daniel J. Barrett, Ph. D. and Richard E. Silverman, O'Reilly, 2001.
- The SSH Communications Security website. SSH Communications Security created the SSH Secure Shell technology, which provides password and authentication protection for remote logins.