RBrowser

   Other Topics

© Copyright Robert Vasvari, 1993-2010.

FTP with SSL/TLS - FTPS - Explicit, Implicit, what are these things?

The normal way to connect to an FTP server (which, of course RBrowser will happily handle) is to use no encrytion whatsoever. This approach is the fastest, and uses the least anmount of resources, and it is fine for downloading files from public FTP servers. However, if there is sensitive data on your FTP server it is not secure enough. For that reason, there are standard schemes out there to encrypt FTP connections.

RBrowser implements the only standard that is out there, RFC 2228 to have SSL encrypted secure FTP access. This protocol is often called FTPS or Explicit SSL. There is another kinf of FTPS called Implicit SSL. RBrowser supports that too, (although it is not the standard) but only in situations where the standard explicit SSL is not available. This protocol means that both control and data connections are secure, whether it is in passive mode or not. This protocol is not to be confused with SFTP which is part of the SSH2 protocol. RBrowser's implementation has been tested against all commercial FTP-SSL/TLS servers we could find, including WS-FTPD Pro. There are no options to be set other than the regular FTP options. Things to keep in mind with standard FTP versus SSL: encrypted data transfers are much slower! That is the price we pay for security. FTP with SSL is included in the RBrowser Basic license. IMPORTANT: When SSL is used, it is encrypted ONLY during the transfer, when the file is saved at the destination it is in its original (unencrypted) state.


FTP Options (in the Site Manager Panel)

SSL Mode:

RBrowser supports FTP with SSL, or FTPS both explicit and implicit ways.

  • No-SSL
  • RBrowser will NOT try any kind of ssl authentication.
  • Auto-Select
  • RBrowser will try Explicit SSL, No SSL then Implicit SSL if all others fail. Once the correct setting is established it will be saved, so next time the login will go fast with the correct option.
  • RBrowser will try Explicit SSL only, if that fails returns with an error.
  • RBrowser will try Implicit SSL only, if that fails returns with an error.
The default setting is Auto-Select, which should work for most cases.

Use Passive FTP:

Normally, the FTP server will connect back to the FTP client to form a data connection. If the client site is firewalled, this may be a problem. With this option you can force RBrowser to make an outgoing data connection instead of an incoming one. Use this option only if the regular way does not work. Default is Auto, in this case RBrowser will find the best way to connect. It is the recommended setting for new connections, as well as if the connection worked in the past but now has hanging problems.

File Transfer Type:

Binary: the default. In this mode the transferred files are not touched at all, they are transferred exactly as they are. If you work with UNIX text files (like those saved by TextEdit) this option is what you need.
Automatic: RBrowser will try to figure out based on filetype and filename extensions which files in text, and upload/download those in text mode.
Text: Upload/download all files in text mode.
Text mode means that RBrowser will translate the line endings to CRLF on upload and translate them back to CR (the Mac line ending) on download.


FTP Text Mode, ASCII Upload, Line endings, however you want to call it:

The Macintosh community is used to being different... UNIX uses the linefeed character to end lines in text files (ASCII 10), whereas legacy MacOS uses carriage return (ASCII 13). So, one had a problem: if you are maintaining a website, you edit your pages on a Mac, the line endings in these pages must be translated to UNIX during the upload. Of course, it is a very inexact science figuring out which file is text, which is formatted text (like RTF) or worse, binary. Attempting translations on anything but basic text files corrupts the file! Your trusty old Fetch 3.0.3 did this very well in the old world by relying on types and creators to figure out what files to translate... Guess what! This is the new world now. In this brave new world, Mac text files and UNIX text files coexist, and most text files have no types/creators at all. This makes translation especially on download very difficult, since it is impossible to know if the file was intended to be a Mac or a UNIX text file. Our recommendation: stay away from any of this and use the default, which is binary. Most HTML editors, BBEdit among them, are perfectly capable of translating your old mac text format into the UNIX format and keeping it there! Make sure you set the preferences in BBEdit or your editor to use UNIX line endings. THIS IS THE STANDARD IN OSX!. For those of you who want to still use the translations, here are the rules: On upload it pretty much works as expected; in Automatic mode RBrowser uses file type and extension info to figure out if a file is to be translated or not. On download, text mode will mean that the downloaded file will be a Mac text file! If you use unix files, use binary mode only.

RBrowser is not loading the contents of my directories in FTP.. help!:
Most likely you turned on your firewall, so the FTP data connection is blocked from the server. Before login, set Passive FTP, to "Auto Passive" on the Login Panel. This will allow RBrowser to test your setup and the remote site to determine if Passive FTP is allowed and necessary. There are times where it will simply not work because neither setting is allowed. For instance ftp.microsoft.com does not allow passive ftp, and your personal firewall will disallow non-passive ftp. In this case you will have to make sure your personal firewall is off, if you want to connect to ftp.microsoft.com.

Opening/Copying to Local Host:

If the remote FTP server is a Windows box, be mindful of the following: even if the file is listed in the browser, it might not be accessible to you, because it may have the "hidden" attribute set. If you try to retrieve this file, you will probably get an error like this:

550 filename: The system cannot find the file specified

Server to Server transfers:

The operations affected are: Copy and Move on the same machine, and remote to remote transfer. The operation may fail with an error message similar to this:

Server to Server transfer failed: 500 Illegal PORT command.

A possible explanation: Server to Server transfer requires one server to be in passive mode and another server to connect to it using the PORT command. On some sites this capability is disabled on purpose. On others they might be using a version wu-ftpd that has this feature disabled by default. If this is the case, you are at the mercy of your system administrator.

File Permissions on uploads:

RBrowser has no setting for this, it always (tries to) duplicate the permissions of the source file on the local system. In FTP this sometimes fails as some servers do not allow CHMOD commands.
If you end up with the wrong permissions on the remote host, first check to make sure your permissions are correct on the local box. Then, if permissions get mangled during upload, check with your FTP server's admin about it.

Crippled servers:

RBrowser does its best to connect to servers that are, shall we say, not configured correctly. RBrowser depends on the long listing (LIST), which some FTP servers do not support. If you connect to one of these, the directory listings will look like if they were all files and no directories. As you click on any of the files, RBrowser will attempt to find the attributes of the file (whether it is a directory, size, date, etc.). Afterwards, the Inspector will update with the newly acquired attributes.

'@' appearing at the end of filenames:

Some FTP servers show that the file is a link by appending a '@' character at the end of filenames representing symbolic links. This will confuse RBrowser, which thinks that the @ is a legal character that is part of the filename. This will make browsing impossible, since filename@ really does not exist. For instance, if you go to ftp.cdrom.com in the /pub directory you will see files like linux@ and java@. Clicking on these files will not load the directory. Workaround: use the Find Panel (Command-f) . Type in /pub/linux and the desired path will load.

Some ISPs allow you access only to your own directory by making their FTP server think your home directory is the root. Because of that, the user/group info displayed in the browser is false, usually just numbers like 182673:20005. This keeps RBrowser from recognizing ownership of your files, so upon saving them you might get messages like "File xxx may not be readable," etc. In this case, you can ignore the message and click "Try Anyway."