>There was something with how username / pwd gets transported and the like. Can't remember the details, it's old.
>
>There is enough to be found, but just an example
https://www.centrestack.com/ftp-replacement/FTP uses separate command and data channel, all unsecured.
IIRC:
FTPS still uses separate data and command, possibly many data channels:
more ports open in FW, bad when not using dedicated server, but parallel download possible.
Worse on client? Dunno.
Upd:
But danger of misconfigure to only encrypt part... /Upd:
SFTP was built on SSL, uses only 1 channel, less ports needed.
No problem if you map wrong file into the directory unless you operate on "*" / whole directory.
HTTPS up/download also secure, but I guess gives more attack surface than dedicated SFTP server.
Al ? Care to voice opinion forged by biz reading and learning ?
regards
thomas