cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: AW: AW: Question about SFTP

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 20 Jun 2011 18:50:10 +0200 (CEST)

On Mon, 20 Jun 2011, Chenevard Alfredo wrote:

> With SFTP I can use the -k option (this assume that the connection are
> insecure....) I don't understand what this will be mean. It's a insecure
> data connection, or the user/password will be unencrypt...?

-k with SFTP means that curl doesn't set the CURLOPT_SSH_KNOWNHOSTS option,
which will make libcurl accept all connections to SFTP servers without
checking if they are known.

This is insecure since it allows man-in-the-middle attacks without them being
detected.

The SSH connection will however still get encryped as negotiated.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2011-06-20

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: How to fall back to ask for a password when NTLM single-sign-on failed"
Previous message: Wu, Mandy: "How to fall back to ask for a password when NTLM single-sign-on failed"
In reply to: Chenevard Alfredo: "AW: AW: Question about SFTP"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]