Penn State blue navy and white logo

ASET FTP Services Upgraded for Secure-Only File Transfers

Regular FTP decommissioned on June 1, 2002


posted on May 8, 2002

In an effort to increase password protection for Penn State Access Account users, Academic Services and Emerging Technologies (ASET), a service unit of Information Technology Services (ITS) upgraded its File Transfer Protocol (FTP) server ftp.personal.psu.edu on June 1, 2002 to provide for "secure-only" file transfers. This means that those who use ITS computing services at Penn State no longer will be able to use popular FTP software, such as WS_FTP for Windows and Fetch for Macintosh, to transfer files to their respective Penn State Access Account (PASS) Storage Space; however, a variety of alternatives have been established to help Penn State faculty, staff, and students make the transition from current file transfer methods to more secure options. Please note that this change affects all ASET FTP services, including access.psu.edu, the lab systems, cbs.aset.psu.edu, armstrong.cac.psu.edu, splogin.cac.psu.edu, rs6klab.aset.psu.edu, and all other ITS UNIX systems.

The increase in security measures stems from the tendency for many kinds of FTP software to present passwords "in the clear." This means that passwords are vulnerable to network eavesdropping by unscrupulous individuals in search of "userids" and passwords, giving them the ability to gain unauthorized access to servers and systems. Due to this vulnerability, students, faculty and staff should be aware that it's possible for an individual to obtain their Penn State Access Account userid and password and assume their identity.

How can Penn State's community of computer users update Web pages and files without risking security compromise? Fortunately, alternatives, which are noted below, have been created to make file updates to Personal, Course, or Departmental Web pages easy and secure.


Recommendations

The following methods have been established as replacements for current file transfer methods:

  • The Penn State Access Account Storage Space (PASS) Gateway
    The PASS Gateway provides a means by which users can access PASS without having to install and use software "native" to a specific platform and operating system. Information and instructions are found at (https://www.work.psu.edu/pass/).


  • Secure FTP Clients
    The secure FTP clients identified are MacSSH.com's MacSFTP client and SSH.com's client for Windows. MacSFTP and SSH.com clients replace Fetch for Macintosh and WS_FTP for Windows respectively. Updates to these clients are available via the online version of PAC-ITS at http://www.pac-its.psu.edu/mac/filetran/ (Mac) and at http://www.pac-its.psu.edu/windows/filetran/ (Windows).


  • The PASS Explorer via the Penn State Portal
    The PASS Explorer tool lets users transfer files quickly and easily between their PASS and a local directory/folder on their machine. Instructions for using this tool are found at http://www.psu.edu/portalproject/passexplorer/.


  • The Secure Shell Protocol (SSH)
    The Secure Shell Protocol (SSH) allows users to connect to a remote server or machine from another machine or personal computer via an encrypted connection. Using this protocol, the Access Account userid and password pair are transmitted through an encrypted connection to prevent network snooping or "sniffing" of passwords via traditional, non-secure network connections. A secure copy program, known as "scp" accompanies SSH and allows for a file to be copied securely from a remote machine to a local machine (or vice versa). More information is found at http://aset.its.psu.edu/internet/ssh/.


  • "Native" Access
    For those who prefer "native" access, a client for Windows NT can be downloaded via https://www.work.psu.edu/access/dce/. A client from IBM is available for Windows 2000 users; however, it is not site licensed, so a $200 fee is necessary to obtain the software. If you need assistance with obtaining the native client, please direct inquiries to root@aset.psu.edu.

NOTE: All clients and alternatives can be accessed via the FTP Alternatives Web site.


Getting Help

General Help
If you need assitance, please contact the Help Desk at helpdesk@psu.edu. For locations and hours, see the Help Desk information at http://css.its.psu.edu/consulting/.

Help with the PASS Explorer
If you need assistance with the PASS Explorer, please direct inquiries to helpdesk@psu.edu.

Help with the PASS Gateway
If you need assistance with the PASS Gateway, please direct inquiries to helpdesk@psu.edu.

Help with Native Client Access
If you need assistance with the native client, please direct inquiries to helpdesk@psu.edu.

In every case, please include the following in your problem report:

  • Your Access Account userid (for example, xyz123)
  • The time the error occurred
  • The error message(s) received, if any
  • The client you tried to use
  • The platform (for example, Windows or Macintosh)


Please note that all systems are scheduled for daily maintenance between 5:30 and 7:30 a.m. During this time, one or more Internet services may not be available. The ITS systems status page shows the current status of servers.


The Pennsylvania State University ©2003. All rights reserved.
Alternative Media - Nondiscrimination Statement
This site maintained by Consulting & Support Services, a unit of Information Technology Services.
Consulting and Support Services Staff Directory

For assistance please write to the Help Desk or see our Help Sources.
Provide site feedback to the CSS Web Group .

Last revised: Monday, July 14, 2003.