|
Home > Archive > IIS Server Security > August 2006 > IIS FTP server authentication via Kerberos
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS FTP server authentication via Kerberos
|
|
| Pierre Bru 2006-08-28, 1:41 pm |
| hi,
my boss ask me if it is possible to authenticate on an IIS server using
Kerberos(?) instead of the usual username/password
I'm not sure I understand what he means... :/
could s/o help me ?
TIA,
Pierre.
| |
| Peter Schmidt 2006-08-28, 7:31 pm |
| Hi Pierre
I believe what you are asked is, if FTP authentication between client and
server, can use a more secure way of authentication like in Kerberous, maybe
even using Kerberous Auth.
No, that's not possible, the FTP protocol is unsecure and communicate
username/password in plain text between the server and the client.
You can solve this by installing a Secure FTP (SFTP) server, but the FTP
server in IIS is not able to run SFTP. If you want to go for SFTP, you have
several options:
1. wait for Longhorn Server, where IIS will have the SFTP functionality.
2. find a 3rd party product for your FTP server, which is able to run SFTP.
I hope this answered your question.
Regards
Peter Schmidt
www.iis-digest.com
"Pierre Bru" <Pierre.Bru@spotimage.fr> wrote in message
news:udtpNqryGHA.4392@TK2MSFTNGP04.phx.gbl...
> hi,
>
> my boss ask me if it is possible to authenticate on an IIS server using
> Kerberos(?) instead of the usual username/password
>
> I'm not sure I understand what he means... :/
> could s/o help me ?
>
> TIA,
> Pierre.
| |
| Bernard Cheah [MVP] 2006-08-29, 7:26 am |
| FTPS and SFTP are two different beast all together...
FTPS works via SSL, while SFTP relies on secure shell technology.
IIS FTP in v7 will offers FTPS.
--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/
"Peter Schmidt" <peter[AT]iis-digest[DOT]com> wrote in message
news:e2Mnr9syGHA.3464@TK2MSFTNGP03.phx.gbl...
> Hi Pierre
>
> I believe what you are asked is, if FTP authentication between client and
> server, can use a more secure way of authentication like in Kerberous,
> maybe even using Kerberous Auth.
> No, that's not possible, the FTP protocol is unsecure and communicate
> username/password in plain text between the server and the client.
>
> You can solve this by installing a Secure FTP (SFTP) server, but the FTP
> server in IIS is not able to run SFTP. If you want to go for SFTP, you
> have several options:
> 1. wait for Longhorn Server, where IIS will have the SFTP functionality.
> 2. find a 3rd party product for your FTP server, which is able to run
> SFTP.
>
> I hope this answered your question.
>
> Regards
> Peter Schmidt
> www.iis-digest.com
>
>
> "Pierre Bru" <Pierre.Bru@spotimage.fr> wrote in message
> news:udtpNqryGHA.4392@TK2MSFTNGP04.phx.gbl...
>
>
| |
| Pierre Bru 2006-08-29, 7:26 am |
| Bernard Cheah [MVP] wrote:
> FTPS and SFTP are two different beast all together...
> FTPS works via SSL, while SFTP relies on secure shell technology.
>
> IIS FTP in v7 will offers FTPS.
is FTPS the same as what unix people call kerberos ftp ? or maybe these
so called kerberos ftp are either FTPS or FTPS server which validate the
username/password against some kerberos server ?
TIA,
Pierre.
| |
| Bernard Cheah [MVP] 2006-08-29, 7:26 am |
| I'm not sure. but I think that would be more towards FTP authentication,
rather than FTP+SSL implementation.
--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/
"Pierre Bru" <Pierre.Bru@spotimage.fr> wrote in message
news:eXbubg0yGHA.5048@TK2MSFTNGP03.phx.gbl...
> Bernard Cheah [MVP] wrote:
>
> is FTPS the same as what unix people call kerberos ftp ? or maybe these
> so called kerberos ftp are either FTPS or FTPS server which validate the
> username/password against some kerberos server ?
>
> TIA,
> Pierre.
|
|
|
|
|