GSSAPI Dialog Box

Hummingbird Neighborhood

previous page next page

GSSAPI Dialog Box

To access

This dialog box lets you specify the settings used to encrypt the data transferred between your PC and the FTP server using Kerberos security.

Transmit/Receive Unencrypted Commands—Select this check box if you want the FTP commands to be unencrypted. This option is beneficial if you want to troubleshoot the messages sent to the FTP server.

Note: 
   It is recommended that you clear this check box since secondary passwords can be transmitted unencrypted and the server may reject this command. By default, this option is OFF.

GSSAPI Service Name (e.g. host or ftp)—Specifies the GSSAPI service name, a short alphanumeric text string, which is used by Kerberos service-based tickets. For example, the service name “ftp” is used for file transfer, FTP. The default is “host”.

Protected Buffer Size—Specifies the amount of data that is encrypted. The default is 16,000 bytes.

Data Channel Protection Level—Specifies the extent to which the channel between the server and your PC is protected and secure.

Encrypted and Protected with Checksum—Indicates that the data transferred between your PC and the FTP server will be encrypted and a checksum will be computed for the Kerberos message. If different keys were used for encryption and decryption or if the ciphertext was modified, the checksum will not match the data. This setting offers the most security and integrity of transferred data.

No Encryption or Protection—Indicates that the data transferred between your PC and the server will not be encrypted or protected with a checksum which proves that the data was not modified. This option is beneficial if you want authentication but not encryption. For example, if you are using IPSec, a network protocol, you might not want to encrypt or protect the data, since data encryption is already built into IPSec. You might also select this option for testing purposes.

Protected with Checksum Only—Indicates that the data transferred between your PC and the server will not be encrypted, but a checksum will be computed for the Kerberos message. This checksum is used to prove the integrity of the transferred data.

Kerberos Client—Specifies the Kerberos client you want to use to encrypt the FTP session.

Import Windows Tickets—Copies your Kerberos tickets from the Microsoft store into the MIT Kerberos cache. This option is available if you select Hummingbird Connectivity Kerberos for Kerberos Client.

Note: 
   If your setup does not use Microsoft credentials, it is recommended that you do not enable this option. If you are unsure, see your system administrator.

Related Topics

General Page (FTP Site Properties Dialog Box)

Advanced Page (FTP Site Properties Dialog Box)

Firewall/Proxy Page (FTP Site Properties Dialog Box)

Other Page (FTP Site Properties Dialog Box)

previous page start next page