https://stackoverflow.com/questions/20238062
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFTPS is essentially FTP protocol with an added layer of TLS/SSL security. Your understanding that the password is encrypted during communication between client and server is absolutely correct.
You see the same logs with just a small difference in the first line because you have access to the server and have a complete log. The reason FTPS was brought into existence is because it disallows all the third parties to snoop on our user credentials. With FTP , this is quite possible.
Lets try and understand the part about Explicit FTPS.
The server lets you connect using and unencrypted FTP connection. Prior to sending user
credentials, the client then requests that the server switch the command channel to an
SSL encrypted channel using the client AUTH TLS or AUTH SSL commands. Upon successful
setup of the SSL channel the client then sends user credentials to the FTP server. These
credentials along with any other commands sent to server during the FTP session are
automatically encrypted by the SSL channel.
According to Wikipedia, here is the description for the channels.
- Secure command channel
The secure command channel mode can be entered through the issue of either the AUTH TLS or AUTH SSL commands. After such time, all command control between the FTPS client and server are assumed to be encrypted. It is generally advised to enter such a state prior to user authentication and authorization in order to avoid the eavesdropping of user name and password data by third parties.
- Secure data channel
The secure data channel can be entered through the issue of the PROT command. It is not enabled by default when the AUTH TLS command is issued. After such time, all data channel communication between the FTPS client and server is assumed to be encrypted. The FTPS client may exit the secure data channel mode at any time by issuing a CDC (clear data channel) command.
References:
