MacSFTP (SSH FTP Client)
MacSFTP - Secure FTP Client for the Macintosh
MacSFTP is a Macintosh application used to transfer files over TCP/IP
using the Secure File Transfer Protocol (SFTP) subset of the Secure Shell
Procotols (SSH). SFTP is the replacement for the old and insecure File
Transfer Procotol (FTP), with the addition of strong Encryption/Authentication.
Everyone made a big deal about telnet being insecure, many people thought that SSH wouldn't be able to replace the
telnet protocol. Today many Internet service providers do not allow users to telnet into their systems and tell them
to use SSH instead. Now there are a plethora of different SSH clients.
The other insecure protocol next to telnet is FTP, although users are using secure connections to connect remotely
users are still uploading files via FTP. Connections made via FTP send information in plaintext including your
Getting people to switch to SFTP is easy enough, you do not want people having your login information. Chances are
your FTP password is the same as your SSH password. Hackers on the network and on the Internet can sniff your
connection and find your password then remotely login and have the same access you have.
Why Use SFTP:
1: because many (and more everyday) web site providers shutdown FTP
access because of its lack of security.
2: because you hate hackers sniffing your passwords on backbones.
3: because you have confidential data to exchange.
4: because you're a spy, and need to give essential information to another country, but don't want to be seen - just
kidding (; (hopefully !!!)
SFTP vs FTP
pros and cons
MacSFTP is definitely slower than *any* FTP client.
Don't let this get you down, we will explain why:
- data encryption sucks CPU.
- there is no 'anticipation window' in SFTP. i.e. when you send a data
packet, you must wait for an acknowledge before sending the next one,
so twice the delay between the sender and the receiver is lost. this is
a shame, knowing that TCP/IP already has this 'windowing' system.
Slower but so much safer !
Again this depends on your computer, have a nice fast connection and CPU, then don't worry!
Administrators! And FTP Users
It is up to you to ask your ISP to use the SFTP protocol. Simply send them a e-mail and tell them you want security!
SFTP uses the SSH package to ensure your data is encrypted.
The administrator can safely shutdown any plain FTP server. SFTP is a specific
application run as an SSH subsystem, if requested during SSH negotiation. The packet format is *completely* different
in fact, you can see SFTP as a 'remote filesystem', where you can
open remote files for reading/writing, seek to an offset, read some
... where FTP can only upload or download a complete file. resume
has been added later, but that's definitely not a 'remote filesystem'
and the directory listing depends on the server localization, system
Jean-Pierre tells us 'FTP is a *MESS* I known this, I have developed a commercial FTP client for a former company,
and it works fine... depending on the server (;'
Features of SFTP:
- SSH1 and SSH2 protocols support
- Key exchange: Diffie-Hellman group-exchange protocol & Diffie-Hellman
- Key types: ssh-rsa, ssh-dss
- Key pairs generation: SSH1 RSA, SSH2 DSA & RSA.
- Strict host key checking
- SSH1 ciphers: DES, 3DES, Blowfish
- SSH2 ciphers: 3DES, Blowfish, CAST128, Arcfour , AES (128, 192, 256)
- Supported macs: md5, md5-96, sha1, sha1-96, ripemd160
- Drag and Drop File and Directory transfers
- ISO-8859-x and Unicode File name translation
- Encode/Decode MacBinary files on the fly
- Resume interrupted downloads
- AppleScript support
New this version:
fixed wrong file dates offset by about 6 month if your difference to GMT is negative
passwords can now be saved (encrypted) in bookmarks
added a refresh button to bypass cached directory
Standard File dialog download directory is now the default one selected from preferences
fixed alt-open "." and ".." directories loop
Downloads for Mac OS 8.6 w/ Carbon Lib or Mac OS X.
Carbon 1.0b2 [macssh.com]
MacSFTP Carbon 1.0b2
MacSFTP Classic 1.0b2