Your best friend for file transfer.Fetch
Fetch Help > Preferences > Security
- General: Warn before sending password insecurely
- When this box is checked, Fetch will warn you whenever you try to send your password unencrypted and insecurely. This is good if you usually connect to secure servers via SFTP, FTP with TLS/SSL, Kerberos, or One-Time Password, because you will be warned if you accidentally try to connect to an insecure server, or if a secure server isn't working properly and requests a password insecurely. However, when this preference is selected, you will receive warnings even if a server does not support secure connections — and most FTP servers require unencrypted passwords. Unchecked by default.
- SFTP: Ask before accepting unknown host keys
- When this box is checked, Fetch will warn you when you try to connect to an SFTP server you haven't connected to previously. Accepting an SSH host key from a server says, "I trust this server from now on." If you want to double-check that you really want to trust a server before connecting, check this preference. See the SFTP host identity help topic for more information. Unchecked by default.
- Kerberos: Warn before sending password insecurely to Kerberos servers
- When this box is checked, Fetch will warn you when you try to send your password insecurely to a server that supports Kerberos, that is, you are not taking advantage of the server's security support. This could happen because you didn't specify FTP with KClient or FTP with GSSAPI in the New Connection dialog when connecting to the server, because the server is not working properly, or possibly because the server mistakenly claims to support security. This preference does not apply to SFTP or One-Time Password connections. See this help topic for more information. Unchecked by default.
- Kerberos: Always check protection level on incoming data
- When this box is checked, Fetch will warn you when a server starts sending unencrypted data over an encrypted Kerberos connection. If that happens, it could mean that the server, or your connection to it, has been compromised. This preference does not apply to SFTP or FTP with TLS/SSL connections. See this help topic for more information. Checked by default.
- Kerberos: Specify GSSAPI channel bindings
- When this box is checked, Fetch will specify GSSAPI channel bindings. If you are connecting using FTP with GSSAPI from behind a Network Address Translation (NAT) device or router, you may need to uncheck this box to get a successful connection. Consult your network administrator or support if you continue to have problems. Checked by default.