[program-l] Re: OT: VPN network software, etc.

  • From: jacob kruger <jacob.kruger.work@xxxxxxxxx>
  • To: program-l@xxxxxxxxxxxxx
  • Date: Fri, 26 Jun 2020 11:34:49 +0200

Ok, and, seems I might have been using wrong terminology myself:

https://www.rebex.net/kb/secure-ftp/


"FTP - the plain old FTP protocol that has been around since 1970s. The acronym stands for "File Transfer Protocol". It usually runs over TCP port 21.
SFTP - another, completely different file transfer protocol that has nothing to do with FTP. SFTP runs over an SSH session, usually on TCP port 22. It has been around since late 1990s. The acronym actually stands for "SSH File Transfer Protocol".
SCP - a variant of BSD rcp utility that transfers files over SSH session. The SCP protocol has been mostly superseded by the more comprehensive SFTP protocol and some implementations of the "scp" utility actually use SFTP instead.
Secure communication layers
Additionally, there are the following two secure communication layers:
SSH - a protocol that allows establishing a secure channel between the local and the remote computer. Serves as an underlying channel for associated protocols such as secure shell, port forwarding, SFTP or SCP. While it is possible to run the (slightly modified) plain old FTP protocol over SSH, this is not very common, fortunately. File transfer over SSH is nearly always done using SFTP or SCP.
TLS - this is almost generally known primarily by its old name - SSL - and provides a way of securing otherwise unsecure protocols such as HTTP, SMTP, POP3 or FTP. Please note that SSL 3.1 is called TLS 1.0, and therefore TLS 1.0 is a newer version of the protocol than SSL 3.0, despite the lower version number. HTTP over SSL is often called HTTPS, and FTP over SSL is often called FTPS and has two variants, explicit (starts as an unencrypted FTP session and is secured on client request) and implicit (is secured right from the beginning and therefore needs a separate TCP port, usually 990). The implicit mode is deprecated, but still widely used."


Jacob Kruger
+2782 413 4791
"Resistance is futile...but, acceptance is versatile..."

On 2020-06-26 10:50 AM, jacob kruger wrote:

Norman, when connecting manually via either filezilla, or winscp, I generally use either ftps, or ssh via port 22 in both cases, but, this is a separate process, and, am currently using either pyftp module under python 3.7, or mysql client software for these connections to the server remotely.


Could also run the process on the server itself and then just download the single file results via ftp, or wget, but, let's see how it goes.


Am also going to look into specifically versions of ftps under python modules, just in case, but, like said, even when connecting using ftps, via port 22 in filezilla, it will at times block my connections if there are too many specific requests sent one after the other.


Thanks


Jacob Kruger
+2782 413 4791
"Resistance is futile...but, acceptance is versatile..."

On 2020-06-26 02:04 AM, Norman King wrote:
There is one interesting point to be made here, that might just solve the problem.

There is a huge difference here depending on if you are using ftp/ftps or sftp/scp/ssh.

The above are separate and very different protocols. I have to confess some bias here as I don't use ftp/ftps. I consider it a dated and overcomplicated protocol, not to mention one that is full of security holes if not used correctly.

As I understand ftp, it uses multiple ports depending on whether it's in active or passive mode. In addition, one of these modes will choose a random port for each connection within a certain range. Properly firewalling this is extremely difficult and it's possible that the edge network on the server side is doing automated blocking of some of these connections.

On the other hand, sftp/scp/ssh uses one port only regardless of the number of connections. The data stream is encrypted via the ssh tunnel and sftp is merely a file sharing protocol that uses this tunnel as its connection pathway.

Programs like winscp will give you a file manager like interface to view and download or upload files to the server from your local pc. I believe filezilla supports sftp as well but it's not the default protocol. You'd have to choose it when setting up the connection.

Best of all, firewalling this is dead simple. If you have ssh access you also have sftp access. Just use the same hostname/port/user credentials that you use for the ssh connection in your sftp program to connect. It even supports key based logins if you don't like remembering passwords.


If anyone needs more help on this just ask.


HTH.




On 6/25/2020 10:00 AM, jacob kruger wrote:
Humberto, the issue is not time period, but, lots of automated processes - the server seems to react to that anyway, and, might have to do with connections dropping and being automatically resumed, or something - have had similar issues come up using filezilla in the past during the process of just downloading a copy of the whole site, telling filezilla to compare modified date-time, and, current process is running via pyftp from python code, using just one connection, but, think it relates to lots of request commands being passed through one after the other.


Jacob Kruger
+2782 413 4791
"Resistance is futile...but, acceptance is versatile..."

On 2020-06-25 01:55 PM, Humberto Rodriguez wrote:
Jacob:

I stay logged into my server for long periods through SFTP/SSH protocol, I use WinSCP to connect.

Humberto Rodriguez
Ocala, Florida



-----Original Message-----
From: program-l-bounce@xxxxxxxxxxxxx <program-l-bounce@xxxxxxxxxxxxx> On Behalf Of jacob kruger
Sent: Thursday, June 25, 2020 3:37 AM
To: program-l@xxxxxxxxxxxxx
Subject: [program-l] OT: VPN network software, etc.

Hi there


This is probably not completely off-topic, but, was previously using
openVPN at times when running tests against our servers hosted via
hetzner, since some of the multiple/repetitive FTP connections would end
up with them blocking my IP for a little while.


However, they've now, apparently, made a decision that openVPN gets used
by too many torrent protocol clients, and are thus blocking it, so, was
wondering if anyone would have recommendations relating to alternatives
in terms of a form of VPN software client, etc.?


And, FWIW, this is on windows 10 PCs, and, would prefer the UI to be
accessible, or via command line, etc.


Alternatively, since my current connections are via LTE/mobile phones,
all running android, suppose could alternatively use an android package
to handle this?


Hope this makes sense


TIA

Jacob Kruger
+2782 413 4791
"Resistance is futile...but, acceptance is versatile..."

** To leave the list, click on the immediately-following link:-
** [mailto:program-l-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** program-l-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:program-l-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** program-l-request@xxxxxxxxxxxxx with the Subject:- faq
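
Editor's added example (not written by any participant in the thread): Norman King's message above notes that passive-mode FTP picks a data port per connection, which is what makes it hard to firewall. The Python sketch below decodes the server's PASV (RFC 959) and EPSV (RFC 2428) replies and flags any data endpoint that a single "control port plus fixed passive range" firewall rule would not cover. The passive range 50000-50100, the addresses and the sample replies are constructed assumptions.

```python
import re

# RFC 959 PASV reply: "227 ... (h1,h2,h3,h4,p1,p2)", data port = p1*256 + p2
PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
# RFC 2428 EPSV reply: "229 ... (|||port|)", host is the control-connection host
EPSV_RE = re.compile(r"\((.)\1\1(\d{1,5})\1\)")


def data_endpoint(reply, control_host):
    """Return the (host, port) a client must connect to for the data channel."""
    code = reply[:3]
    if code == "227":
        m = PASV_RE.search(reply)
        if not m:
            raise ValueError("malformed PASV reply: %r" % reply)
        nums = [int(g) for g in m.groups()]
        if max(nums) > 255:
            raise ValueError("field out of range: %r" % reply)
        return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]
    if code == "229":
        m = EPSV_RE.search(reply)
        if not m or not 0 < int(m.group(2)) < 65536:
            raise ValueError("malformed EPSV reply: %r" % reply)
        return control_host, int(m.group(2))
    raise ValueError("not a passive-mode reply: %r" % reply)


def audit(replies, control_host, allowed_ports):
    """List (host, port, problem) for replies a firewall rule would not cover."""
    findings = []
    for reply in replies:
        host, port = data_endpoint(reply, control_host)
        if port not in allowed_ports:
            findings.append((host, port, "port outside permitted passive range"))
        if host != control_host:
            findings.append((host, port, "data host differs from control host"))
    return findings


# Constructed sample replies using documentation addresses (not from the thread).
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (203,0,113,10,195,80)",   # port 50000
    "227 Entering Passive Mode (203,0,113,10,234,96)",   # port 60000
    "227 Entering Passive Mode (10,0,0,5,195,81)",       # internal address, 50001
    "229 Entering Extended Passive Mode (|||50002|)",    # port 50002
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_REPLIES, "203.0.113.10", range(50000, 50101)):
        print(finding)
```

SFTP needs no equivalent check, since everything travels over the one SSH connection.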
