Kerberized File Transfer Protocol (FTP) at MIT

Kerberized FTP provides secure authentication of your file transfer protocol (FTP) sessions without passing your Kerberos password in the clear across the internet.

Kerberized FTP programs intercept cleartext userIDs/passwords used by unauthorized intruders to log in to various machines and wreak havoc. Sending your password over the network in the clear is a grave security risk. Avoid this kind of theft by using secure FTP whenever possible.

Important: Both client and server must be running Kerberos in order for the connection to be secure: contact your server administrator to verify.

Why use Kerberized FTP?

Computer security is a concern at MIT. Security breaches have been posed from within and outside the Institute. Among the breaches are snoopers who use "packet sniffing" tools, which are widely available and impossible to detect. These tools let snoopers capture userids, passwords, and other data transmitted across a network, thus allowing unauthorized access to accounts and files on the Internet.

If you use FTP to move files between computers, e.g., moving HTML files from your computer to an Athena locker, you should be concerned about protecting your username and password. Insecure FTP applications transmit these items "in the clear" (without protection).

Protect your userid and password when you FTP using a program with Kerberos authentication (e.g., Kerberized FTP). This proves to a remote host that you really are you, without sending your password.

Note: All file transfers to Athena must use the SSH File Transfer Protocol (SFTP). Attempting to connect via Kerberized FTP will result in a "Connection refused" error. Learn more.

Obtain Kerberized FTP