View Single Post
Old 03-12-2014, 05:15 PM  
Yil
Too much time...
 
Join Date: May 2005
Posts: 1,194
Default

What cypher do you get connecting to glFTPD these days? On ioFTPD you should get ECDHE-RSA-AES256-SHA in most cases. The leading EC is the new elliptic curve stuff which I think means the cipher is more secure now because it's using a unique one-time key per connection now or something. That does require separate support not found in old glftpd, but ioFTPD already does this. On the other hand, it's possible to sign certs with something stronger (2048 vs 1024, DHE, EC) but I don't know how compatible that is with older FTPs. See what the glFTPD cert signature uses if you're curious since it should say which methods it uses. In all honesty though I don't think that buys a lot since most servers just self-sign the cert which means the signature is pretty useless since it can't be verified, and the new ECDHE stuff ioFTPD already supports makes the negotiated key more secure.

If anyone really knows this stuff feel free to chime in
Yil is offline   Reply With Quote