SSH and FTP
[!NOTE] This module explores the core principles of SSH and FTP, deriving solutions from first principles and hardware constraints to build world-class, production-ready expertise.
1. SSH (Secure Shell)
SSH is a cryptographic network protocol for operating network services securely over an unsecured network. It is the standard for remote management of Linux servers.
- Port: 22.
- Key Features:
- Encryption: All traffic between client and server is encrypted.
- Authentication: Password or Public-key based.
- Tunneling: Can wrap other protocols (like database traffic) and send them through a secure “tunnel.”
2. FTP (File Transfer Protocol)
FTP is a legacy protocol used to move files between a client and a server.
- Port: 21 (Command), 20 (Data).
- The Flaw: It is completely Unencrypted. Your username and password are sent in plaintext over the wire.
The Alternatives
- SFTP (SSH File Transfer Protocol): FTP-like functionality running entirely inside an SSH session. (Secure).
- SCP (Secure Copy): Simple CLI tool to copy files over SSH. (Secure).
3. Interactive: SSH Key Exchange
See how the server is verified.
💻
Client
↔
Remote Server
SHA256: 4f1a...
Waiting for command...
4. Active vs. Passive FTP
FTP is famous for being a “Firewall Killer” because it uses two separate connections.
- Active Mode: The server tries to connect to the client for data transfer. Most firewalls block this.
- Passive Mode: The client connects to the server for both command and data. This is what modern clients use to get through firewalls.