FTP over SSL (explicit encryption)

D

David Isaac

Aug 10, 2005

#1

I am looking for a pure Python secure ftp solution.
Does it exist?

I would have thought that the existence of OpenSSL
would imply "yes" but I cannot find anything.

ftplib does not seem to provide any secure services.

I know about fptutil
http://codespeak.net/mailman/listinfo/ftputil
but that does not seem to provide any secure services.
(Btw, Matt Croydon's intro is helpful for newbies:
http://postneo.com/stories/2003/01/01/beyondTheBasicPythonFtplibExample.html
)

I know about M2Crypto
http://sandbox.rulemaker.net/ngps/m2/
but that requires installing SWIG and OpenSSL.
(If someone tells me they have found this trivial
under Windows, I am willing to try ... )

I would have thought that this was a common need with
a standard Python solution, so I suspect I'm overlooking
something obvious.

Hoping,
Alan Isaac

E

Eric Nieuwland

Aug 10, 2005

#2

David said:
I am looking for a pure Python secure ftp solution.
Does it exist?

Do you want SFTP or FTP/S?

I would have thought that the existence of OpenSSL
would imply "yes" but I cannot find anything.

ftplib does not seem to provide any secure services.

Indeed. If you want SFTP, just make a copy of ftplib and modify so it
will use an SSL socket instead of a normal socket. After that, only
some minor point may remain.

[...]I know about M2Crypto
http://sandbox.rulemaker.net/ngps/m2/
but that requires installing SWIG and OpenSSL.
(If someone tells me they have found this trivial
under Windows, I am willing to try ... )

I guess SFTP should work on Windows as well.

I would have thought that this was a common need with
a standard Python solution, so I suspect I'm overlooking
something obvious.

AFAIK you're not. I'm having a look at FTP/S right now. That's a little
more complicated, but it seems doable.
If I succeed, I guess I'll donate the stuff as an extension to ftplib.

--eric

D

David Isaac

Aug 10, 2005

#3

Eric Nieuwland said:
Do you want SFTP or FTP/S?

The latter.

I'm having a look at FTP/S right now. That's a little
more complicated, but it seems doable.
If I succeed, I guess I'll donate the stuff as an extension to ftplib.

Great!
Please post a link as soon as it is usable!

Thanks,
Alan Isaac

A

Andrew MacIntyre

Aug 10, 2005

#4

David said:
I am looking for a pure Python secure ftp solution.
Does it exist?

I recall coming across an extension package (pretty sure it wasn't pure
Python anyway, certainly not for the SSL bits) with SFTP - I think the
name was Paramiko or something like that.

D

David Isaac

Aug 12, 2005

#5

Andrew MacIntyre said:
I recall coming across an extension package (pretty sure it wasn't pure
Python anyway, certainly not for the SSL bits) with SFTP - I think the
name was Paramiko or something like that.

Unfortunately that's SSH2 only.
It is indeed pure Python
http://www.lag.net/paramiko/
However it requires the PyCrypto module.
http://www.amk.ca/python/code/crypto

Can you briefly outline how to use this as a client
to upload and down files from a server using SFTP?

Thanks,
Alan Isaac

D

David Isaac

Aug 12, 2005

#6

Alan Isaac said:
http://www.lag.net/paramiko/
However it requires the PyCrypto module.
http://www.amk.ca/python/code/crypto

Can you briefly outline how to use this as a client
to upload and down files from a server using SFTP?

OK, the mechanics are pretty easy.

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(20)
sock.connect((hostname, port))
my_t = paramiko.Transport(sock)
my_t.connect(hostkey=None ,username=username, password=password, pkey=None)
my_chan = my_t.open_session()
my_chan.get_pty()
my_chan.invoke_shell()
my_sftp = paramiko.SFTP.from_transport(my_t)

Now my_sftp is a paramiko sftp_client.
See paramiko's sftp_client.py to see what it can do.

Alan Isaac

D

David Isaac

Aug 14, 2005

#7

Eric Nieuwland said:
I'm having a look at FTP/S right now. That's a little
more complicated, but it seems doable.
If I succeed, I guess I'll donate the stuff as an extension to ftplib.

Just found this:
http://trevp.net/tlslite/
I haven't even had time to try it,
but I thought you'd want to know.

Cheers,
Alan Isaac

D

David Isaac

Aug 14, 2005

#8

http://www.lag.net/paramiko/

Alan Isaac said:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(20)
sock.connect((hostname, port))
my_t = paramiko.Transport(sock)
my_t.connect(hostkey=None ,username=username, password=password, pkey=None)
my_chan = my_t.open_session()
my_chan.get_pty()
my_chan.invoke_shell()
my_sftp = paramiko.SFTP.from_transport(my_t)

Now my_sftp is a paramiko sftp_client.
See paramiko's sftp_client.py to see what it can do.

When it rains it pours. wxSFTP
http://home.gna.org/wxsftp/
uses paramiko and provides a GUI.

Cheers,
Alan Isaac

P

Paul Rubin

Aug 14, 2005

#9

David Isaac said:
Just found this:
http://trevp.net/tlslite/
I haven't even had time to try it,
but I thought you'd want to know.

Tlslite is a very well done and promising package, but in its present
form it's not really complete. It's missing important functionality
(the ability to validate certificates) that it relies on complex 3rd
party C libraries to provide. Hopefully tlslite will be able to do
this by itself sometime soon.

Encryption with Python?	34	May 5, 2005
FYI: Strange VS Behaviour with SSL Solution - But Why?	0	Mar 6, 2005
python-dev Summary for 2006-08-01 through 2006-08-15	0	Oct 9, 2006
Can you introduce some book about python?	3	May 21, 2005
python-dev Summary for 2006-12-01 through 2006-12-15	0	Jan 13, 2007
LOCAL NYC - UNIGROUP 17-FEB-2005 (Thurs): ZOPE - Open Source WebDevelopment	0	Feb 16, 2005
python-dev Summary for 2004-08-01 through 2004-08-15	17	Aug 24, 2004
python-dev Summary for 2004-01-01 through 2004-01-31	7	Feb 24, 2004

David Isaac

Eric Nieuwland

David Isaac

Andrew MacIntyre

David Isaac

David Isaac

David Isaac

David Isaac

Paul Rubin

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads