• About FTP support

    From Enric Lleal@2:343/107 to All on Thu Jan 20 08:52:04 2022
    Hello all!

    Mozilla, Google and others have removed the ftp support from their web browsers, and the workarounds with their latest versions doesn't work anymore. This is a shame, it's very sad, but is the way things are going nowadays. In fact, I can't browse my own Node and download my own file base using web browsers. My public navigation is also affected by this lack of support.

    In terms of feasibility, I can still access through FTP client to my Node, but it seems insecure from outer places/connections since the login negotiation is over plain-text. Let me know if I'm wrong.

    Do you think it could be a good idea to ask Kim about some possible milestones in the roadmap of BBBS development?

    In short/mid term:

    - To implement more security in the current ftp protocol implementation (TLS)? - To implement the file downloading through HTTP/S when the session is web based.

    In a long term:

    - To implement SSH (including the sftp subservice support) daemon for incoming connections.

    That's all, folks! :-D

    A reveure!!
    Enric

    --- BBBS/Li6 v4.10 Toy-5
    * Origin: Eye Of The Beholder BBS - The Fidonet's Corsair (2:343/107)
  • From Alan Ianson@1:153/757 to Enric Lleal on Thu Jan 20 00:43:16 2022
    Mozilla, Google and others have removed the ftp support from their web browsers, and the workarounds with their latest versions doesn't work anymore. This is a shame, it's very sad, but is the way things are going nowadays. In fact, I can't browse my own Node and download my own file base using web browsers. My public navigation is also affected by this lack of support.

    I have been seeing and thinking the same thing. It would be a good thing if the files links were http/s instead of FTP today.

    In terms of feasibility, I can still access through FTP client to my Node, but it seems insecure from outer places/connections since the login negotiation is over plain-text. Let me know if I'm wrong.

    Secure protocols are a good thing.

    Do you think it could be a good idea to ask Kim about some possible milestones in the roadmap of BBBS development?

    It wouldn't hurt.

    In short/mid term:

    - To implement more security in the current ftp protocol implementation (TLS)?
    - To implement the file downloading through HTTP/S when the session
    is web based.

    All good. A CRAM-MD5 handshake in the binkp service would be welcome also.

    In a long term:

    - To implement SSH (including the sftp subservice support) daemon for incoming connections.

    It all sounds good to me. :)

    --- BBBS/Li6 v4.10 Toy-5
    * Origin: The Rusty MailBox - Penticton, BC Canada (1:153/757)
  • From Enric Lleal@2:343/107 to Alan Ianson on Thu Jan 20 18:17:12 2022
    Hi Alan,

    I have been seeing and thinking the same thing. It would be a good thing if th
    files links were http/s instead of FTP today.

    Yes. Usability should be a goal to reach for.


    Secure protocols are a good thing.

    :-)


    All good. A CRAM-MD5 handshake in the binkp service would be welcome also.

    Yes. Good point.


    It all sounds good to me. :)

    Very well... Let see others if they have something more to say.


    A reveure!!
    Enric

    --- BBBS/Li6 v4.10 Toy-5
    * Origin: Eye Of The Beholder BBS - The Fidonet's Corsair (2:343/107)