![]() These doors could be accessed through a DNS alias or through an haproxy server. It is possible for dCache to run several ftp doors of the same type. This extension removes any ambiguity and allows clients to work with different servers. Subsequent extensions to FTP support directory listing in a precise, prescribed format. The ftp.list-format configuration property controls which format is returned. ![]() Some clients exist that attempt to parse the directory listing, using various heuristics to guess in which format the server is replying.ĭCache supports two formats: a legacy format and a format that more closely emulates the output from ‘ls -l’. Returning the output of ‘ls -l’ became a de facto standard, although different implementations of the ‘ls’ command also different in their response. Different FTP servers could respond in different ways. In the original FTP specification, the format of a directory listing was unspecified. Directory listingĪ client may request a directory listing. The configuration property -subnets is a space-separated list of either IP addresses of subnets (written in CIDR notation). This is perhaps most useful with plain (unencrypted) FTP, but may be used with all flavours. The door may be configured to accept network connections only from specific clients. Support for gsi FTP is limited to grid tools. Support for tls FTP is more common and is often referred to as FTPS, FTP(E)S, FTPS-explicit or FTPES. Authentication with tls is based on username and password, gsiftp is based on X.509 credentials, while Kerberos FTP uses Kerberos.Īlthough tls and gsi FTP doors are both X.509 based, they differ in how the encryption is handled. With tls, gsiftp and Kerberos FTP, the control channel is encrypted, preventing eavesdropping or interfering with requests. In plain FTP, the control channel is unencrypted in many cases, this is insecure and requires additional protection. These flavours differ in how the control channel is handled. Each FTP door supports exactly one of these flavours. In general, dCache supports four flavours of control channel: plain, tls (also known as FTPS), gsiftp (also known as GridFTP), and kerberos. The control channel is the TCP connection established by the client over which the client issues commands and receives replies indicating whether those commands were successful. These are typically backwards compatible, allowing the ftp door to work with clients that support the extension in addition to those that don’t. Various extensions to FTP exist to support additional functionality. FTP differs from many other protocols by using separate TCP connections for issuing commands (the control channel) and transferring file data (the data channel). FTP was originally specified without any encryption, with later standards adding support for encrypted communication. This chapter explains how to configure dCache to allow FTP, a common network protocol that many clients support.įTP is a long established protocol that allows clients to transfer files, and manage files and directories within dCache.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |