Secure FTP - Ftps
The Unix FTP service is available for offsite access
from ftp.csc.liv.ac.uk with an FTP server that
supports Ftps (more
commonly known as FTP over SSL).
Login access to the service is via anonymous or
local user accounts.
A N N O U N C E : due to a change of policy by
Computing Services the secure Unix FTP service will not
be available externally after 08//2/12..
bulk data; transfers by allowing recovery from
aborted network connections.
Secure FTP should not be confused with SFTP file transfer via the SSH
protocol; which uses encrypted
channels and public/private key authentication.
See here for
information about making SFTP encrypted file transfers.
Access security is certificate based and encrypted transfers are made via the Secure Socket Layer or SSL -
certificate identifies the departmental server.
File transfers from your local account require
enabled FTP client. Authentication is via a password; which must
always be sent over an encrypted connection.
Encryption of subsequent data
listings and transfers depends upon negotiations between the client
N.b. if login authorisation consistently fails, try re-setting your Windows password;
action will also update your password on the FTP server.
When connecting to the department from an external host you may
encounter a warning from your client about
the server certificate authority
not being trusted - to authenticate the
of the department's FTP server a client will need a copy of
the LUCS certificate authority certificate - copies
may be obtained from email@example.com .
Installing a CA certificate on a
a Windows system is, usually, performed by
their certificate wizard.
On Unix systems the
directory to which which certificates should be copied varies according to the O.S. version
and local site policy. Example locations include:
To access our site a client does not need to identify itself with a client certificate.
Due to University security policy the standard Unix ftp command may only be used for anonymous FTP access.
Various commercial SSL enabled products are available but only the freeware
has been tested with our FTP server:
A Windows client
available for download from
Computer Services, though their
notes only discuss making SSH connections.
See here for an example SSL connection profile.
Standard on most Linux distributions and usually SSL enabled lftp has a shell-like command syntax
that allows parallel command issue.
See here for notes.
A command line tool for transfering files, over a variety of protocols (including Ftps), using a URL syntax.: curl is
particularly suited for scripting and has been widely ported among Unix and Linux systems.
See here for notes.
The current server policy does not enforce SSL session reuse when
using SSL for data transfers or directory
listings; as this setting is not supported by some clients.
When setting up an FTP client
be sure to specify "AUTH TLS" as the SSL mode of negotiation.
This is the recommended way of doing things.
For help and advice about building and configuring FTP clients
to work with our FTP server
 Ftps - RFC4217 - state of play.