CN104410612A - A simple identity authentication method for a file transfer protocol - Google Patents
A simple identity authentication method for a file transfer protocol Download PDFInfo
- Publication number
- CN104410612A CN104410612A CN201410650482.5A CN201410650482A CN104410612A CN 104410612 A CN104410612 A CN 104410612A CN 201410650482 A CN201410650482 A CN 201410650482A CN 104410612 A CN104410612 A CN 104410612A
- Authority
- CN
- China
- Prior art keywords
- client
- character string
- transfer protocol
- file transfer
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a simple identity authentication method for a file transfer protocol (FTP). The simple identity authentication method comprises the implementation steps as follows: 1) identity authentication encryption algorithms are simultaneously preset on a client-side and a server; 2) the client-side generates an identity authentication character string and sends the identity authentication character string to the server through the FTP; 3) the server receives an FTP request of the client-side and the identity authentication character string sent by the client-side, and generates a target authentication character string; and 4) the server compares the identity authentication character string with the target authentication character string, if the identity authentication character string is the same as the target authentication character string, the server returns an FTP answer-back code 230 to the client-side, and if the identity authentication character string is different from the target authentication character string, the server returns an FTP answer-back code 503 to the client-side. The simple identity authentication method has the advantages that simple identity authentication of the FTP can be realized, the compatibility of a browser is good, the authentication is simple and reliable, and the use is convenient.
Description
Technical field
The present invention relates to computer communication field, be specifically related to a kind of simple identity verification method for file transfer protocol (FTP).
Background technology
File Transfer Protocol (File Transfer Protocol) i.e. remote file transferring agreement, be one for simplifying the agreement of document backup between system in IP network, FTP is a kind of embody rule of TCP/IP, it is operated in the 7th layer of osi model, on the 4th layer of TCP model, i.e. application layer, what use TCP transmission instead of UDP, FTP to set up is exactly a connection reliably.Adopt File Transfer Protocol can make Internet user efficiently ftp server from network download the data file of large information capacity, by the file copy on distance host to oneself computer.To reach the object of resource-sharing and transmission of information.Use due to FTP makes Internet to occur the download provided for user in a large number takes.Internet becomes a huge software storage.
FTP has two processes one to be control connection, and one is transfer of data.File Transfer Protocol needs a port as connection (during acquiescence, http port is 80, FTP port is 21) unlike http protocol.File Transfer Protocol needs two ports, and a port is as control connection port, namely 21 ports of FTP, for sending instruction to server and waiting for server response; Another one port is used for data transmission port, port numbers is 20 (only using PORT pattern), with setting up data transmission channel, Main Function sends a file from objective user orientation server, send a file from server to client, send file or directory listing from server to client.
The task of File Transfer Protocol transfers the file to another computer from a computer, the position residing for two computers in it and this, the mode of connection or even whether use identical operating system independent.Suppose that two computers are by ftp protocol dialog, and can access Internet, you can carry out transfer files with ftp order.Often kind of operating system has certain some nuance on using, but the basic imperative structures of often kind of agreement are identical.The transmission of FTP has two kinds of modes: ASCII transmission mode and binary data transmission pattern.
Along with the development of internet, at present in numerous Internet service agreements, the advantage of the simple and fast that File Transfer Protocol realizes for file service due to it, obtains increasingly extensive application.But due to the large-scale application of current mobile Internet, File Transfer Protocol often needs to adopt username and password to log in simultaneously, use relative complex, part-time applying of FTP host-host protocol.
Summary of the invention
The technical problem to be solved in the present invention be to provide a kind of can realize FTP host-host protocol simple identity checking, have browser compatibility good, verify the simple identity verification method for file transfer protocol (FTP) simple and reliable, easy to use.
In order to solve the problems of the technologies described above, the technical solution used in the present invention is:
For a simple identity verification method for file transfer protocol (FTP), implementation step is as follows:
1) client and server presets the authentication cryptographic algorithm relevant to client-side information simultaneously, described client-side information comprises IP address and the proxy IP address of client, and described authentication cryptographic algorithm is the irreversible encryption algorithm be encrypted client-side information; 2) client generates an authentication character string by authentication cryptographic algorithm in conjunction with self information and sends to server by File Transfer Protocol; 3) the File Transfer Protocol request of server receives client and the described authentication character string of client transmission, generate target verification character string according to the client-side information that File Transfer Protocol request comprises by authentication cryptographic algorithm; 4) described authentication character string and target verification character string compare by server, if authentication character string is identical with target verification character string, return File Transfer Protocol response code 230 to client; If authentication character string is different from target verification character string, return File Transfer Protocol response code 503 to client.
Further, described step 2) in client authentication character string are sent to by File Transfer Protocol to comprising during server, authentication character string and transmitting time are carried out reversible encryption packing; Described step 3) in the File Transfer Protocol request of server receives client time comprise algorithmic match of being carried out by the packet of reception packing with described reversible encryption decipherment algorithm obtain transmitting time wherein, if the transmitting time that deciphering obtains and current time difference exceed preset value, then return File Transfer Protocol response code 550.
The present invention has following advantage: client and server of the present invention presets the authentication cryptographic algorithm relevant to client-side information simultaneously, client generates an authentication character string by authentication cryptographic algorithm in conjunction with self information and sends to server by File Transfer Protocol, the described authentication character string that the File Transfer Protocol request of server receives client and client send, target verification character string is generated by authentication cryptographic algorithm according to the client-side information that File Transfer Protocol request comprises, described authentication character string and target verification character string compare by server, if authentication character string is identical with target verification character string, return File Transfer Protocol response code 230 to client, if authentication character string is different from target verification character string, return File Transfer Protocol response code 503 to client, the basic access ability (such as POST GET any one) mainly can carrying out FTP can carry out the authentication of client, even if due to the browser of mobile terminal that function is simplified or served by third-party transfer, can realize FTP host-host protocol simple identity checking, have browser compatibility good, verify advantage simple and reliable, easy to use.
Embodiment
Below in conjunction with embodiment, the present invention is described in further detail, but these embodiments must not be used for explaining limiting the scope of the invention.
Embodiment 1:
The implementation step that the present embodiment is used for the simple identity verification method of file transfer protocol (FTP) is as follows:
1) client and server presets the authentication cryptographic algorithm relevant to client-side information simultaneously;
2) client generates an authentication character string by authentication cryptographic algorithm in conjunction with self information and sends to server by File Transfer Protocol;
3) the File Transfer Protocol request of server receives client and the authentication character string of client transmission, generate target verification character string according to the client-side information that File Transfer Protocol request comprises by authentication cryptographic algorithm;
4) authentication character string and target verification character string compare by server, if authentication character string is identical with target verification character string, return File Transfer Protocol response code 230 to client; If authentication character string is different from target verification character string, return File Transfer Protocol response code 503 to client.
The present embodiment client-side information comprises IP address and the proxy IP address of client.
The present embodiment authentication cryptographic algorithm is the irreversible encryption algorithm be encrypted client-side information.
The present embodiment step 2) in client authentication character string are sent to by File Transfer Protocol to comprising during server, authentication character string and transmitting time are carried out reversible encryption packing; Step 3) in the File Transfer Protocol request of server receives client time comprise algorithmic match of being carried out by the packet of reception packing with reversible encryption decipherment algorithm obtain transmitting time wherein, if the transmitting time that deciphering obtains and current time difference exceed preset value, then return File Transfer Protocol response code 550.
The above is only the preferred embodiment of the present invention, protection scope of the present invention be not only confined to above-described embodiment, and all technical schemes belonged under thinking of the present invention all belong to protection scope of the present invention.It should be pointed out that for those skilled in the art, some improvements and modifications without departing from the principles of the present invention, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (2)
1. the simple identity verification method for file transfer protocol (FTP), it is characterized in that implementation step is as follows: 1) client and server presets the authentication cryptographic algorithm relevant to client-side information simultaneously, described client-side information comprises IP address and the proxy IP address of client, and described authentication cryptographic algorithm is the irreversible encryption algorithm be encrypted client-side information; 2) client generates an authentication character string by authentication cryptographic algorithm in conjunction with self information and sends to server by File Transfer Protocol; 3) the File Transfer Protocol request of server receives client and the described authentication character string of client transmission, generate target verification character string according to the client-side information that File Transfer Protocol request comprises by authentication cryptographic algorithm; 4) described authentication character string and target verification character string compare by server, if authentication character string is identical with target verification character string, return File Transfer Protocol response code 230 to client; If authentication character string is different from target verification character string, return File Transfer Protocol response code 503 to client.
2. the simple identity verification method for file transfer protocol (FTP) according to claim 1 or 2 or 3, is characterized in that: described step 2) in client authentication character string are sent to by File Transfer Protocol to comprising during server, authentication character string and transmitting time are carried out reversible encryption packing; Described step 3) in the File Transfer Protocol request of server receives client time comprise algorithmic match of being carried out by the packet of reception packing with described reversible encryption decipherment algorithm obtain transmitting time wherein, if the transmitting time that deciphering obtains and current time difference exceed preset value, then return File Transfer Protocol response code 550.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410650482.5A CN104410612A (en) | 2014-11-14 | 2014-11-14 | A simple identity authentication method for a file transfer protocol |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410650482.5A CN104410612A (en) | 2014-11-14 | 2014-11-14 | A simple identity authentication method for a file transfer protocol |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104410612A true CN104410612A (en) | 2015-03-11 |
Family
ID=52648210
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410650482.5A Pending CN104410612A (en) | 2014-11-14 | 2014-11-14 | A simple identity authentication method for a file transfer protocol |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104410612A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106453448A (en) * | 2015-08-06 | 2017-02-22 | 北京奇虎科技有限公司 | Method for downloading target file and device thereof |
| CN111177732A (en) * | 2019-12-23 | 2020-05-19 | 杭州宇泛智能科技有限公司 | System debugging mode control method and system and electronic equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080301455A1 (en) * | 2005-12-19 | 2008-12-04 | Sony Computer Entertainment Inc. | Authentication System And Authentication Object Device |
| CN102624526A (en) * | 2011-11-28 | 2012-08-01 | 苏州奇可思信息科技有限公司 | Simple identity authentication method for file transfer protocol (FTP) |
| CN103354498A (en) * | 2013-05-31 | 2013-10-16 | 北京鹏宇成软件技术有限公司 | Identity-based file encryption transmission method |
-
2014
- 2014-11-14 CN CN201410650482.5A patent/CN104410612A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080301455A1 (en) * | 2005-12-19 | 2008-12-04 | Sony Computer Entertainment Inc. | Authentication System And Authentication Object Device |
| CN102624526A (en) * | 2011-11-28 | 2012-08-01 | 苏州奇可思信息科技有限公司 | Simple identity authentication method for file transfer protocol (FTP) |
| CN103354498A (en) * | 2013-05-31 | 2013-10-16 | 北京鹏宇成软件技术有限公司 | Identity-based file encryption transmission method |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106453448A (en) * | 2015-08-06 | 2017-02-22 | 北京奇虎科技有限公司 | Method for downloading target file and device thereof |
| CN111177732A (en) * | 2019-12-23 | 2020-05-19 | 杭州宇泛智能科技有限公司 | System debugging mode control method and system and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10038693B2 (en) | Facilitating secure network traffic by an application delivery controller | |
| US11716390B2 (en) | Systems and methods for remote management of appliances | |
| EP3639498B1 (en) | Certificate pinning in highly secure network environments using public key certificates obtained from a dhcp (dynamic host configuration protocol) server | |
| US10601590B1 (en) | Secure secrets in hardware security module for use by protected function in trusted execution environment | |
| JP2014525709A5 (en) | ||
| CN101138218A (en) | Security protocols on incompatible transports | |
| CN110365701B (en) | Client terminal equipment management method and device, computing equipment and storage medium | |
| CN107018154B (en) | Router and routing method for connecting intranet and extranet based on application layer | |
| EP2820793A2 (en) | Method of operating a computing device, computing device and computer program | |
| CN110191052B (en) | Cross-protocol network transmission method and system | |
| EP2820585A2 (en) | Method of operating a computing device, computing device and computer program | |
| EP2706717A1 (en) | Method and devices for registering a client to a server | |
| CN104967590A (en) | Method, apparatus and system for transmitting communication message | |
| CN102624526A (en) | Simple identity authentication method for file transfer protocol (FTP) | |
| EP3970016A1 (en) | Control configuration for a plurality of endpoint devices | |
| JP2018516027A (en) | Server and client operation method, server, and client apparatus | |
| CN102624692A (en) | User identity authentication avoiding method based on hypertext transport protocol (HTTP) | |
| CN104410612A (en) | A simple identity authentication method for a file transfer protocol | |
| CN102685115A (en) | Resource access method, resource management device and system | |
| KR101971995B1 (en) | Method for decryping secure sockets layer for security | |
| CN109450849B (en) | Cloud server networking method based on block chain | |
| JP4775154B2 (en) | COMMUNICATION SYSTEM, TERMINAL DEVICE, PROGRAM, AND COMMUNICATION METHOD | |
| CN107135226B (en) | Transport layer proxy communication method based on socks5 | |
| CN103067282A (en) | Data backup method, device and system | |
| KR101785382B1 (en) | Method for authenticating client, operation method of client, server enabling the method, and communication software enabling the operation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150311 |
|
| WD01 | Invention patent application deemed withdrawn after publication |