The HEASARC Transition from FTP to FTPS

As part of a general Federal policy that requires all network communications to be encrypted, the HEASARC has phased out access to unencrypted HEASARC FTP. FTP access was disabled as of September 20, 2019.

The HEASARC will still support TLS-encrypted FTP, a.k.a. FTPS. Note that FTPS should not be confused with SFTP, which, despite its similar name, is not related to traditional FTP. Specifically, the HEASARC will support explicit, passive-mode FTPS connections. Implicit FTPS is not supported, nor is active mode FTP.

Implications of This Transition for the User

Browsers

Most web browsers (Chrome, Firefox, etc.) do not support FTPS; however, users should typically be able to replace FTP URLs with HTTPS-based URLs, e.g.,

   ftp://heasarc.gsfc.nasa.gov/rosat/data/ ->
   https://heasarc.gsfc.nasa.gov/FTP/rosat/data/

Note that for the HEASARC you must specify the additional FTP directory when transforming an FTP URL to HTTPS. Thus, if you have been browsing the HEASARC archive directly by entering FTP URLs into a browser, you will need to specify https://heasarc.gsfc.nasa.gov/FTP now.

Scripts

Existing scripts are likely to require some modification to handle FTPS. In some cases, switching to HTTPS URLs as described above might be all that is needed — i.e., just switch to the secure HTTPS protocol and insert "/FTP" immediately after the heasarc.gsfc.nasa.gov hostname. If that is not feasible or desirable, many tools (e.g., CURL and recent versions of WGET) support FTPS, but generally these require additional specific arguments in order to initiate an SSL-based session. Scripts using WGET or CURL with HEASARC FTP URLs will likely need to be modified. See below for details. Note that the URL that is used with CURL will still be specified as ftp://heasarc.gsfc.nasa.gov even after the transition to FTPS. A very nice list of FTPS supporting tools and clients is available at the Space Physics Data Facility's FTPS transition page.

CFITSIO

The HEASARC has updated the CFITSIO library so that it will transparently handle both FTP and FTPS. This is included in versions of HEASoft 6.26 (released May 21, 2019) and later. When the updated library is given an FTP URL, it will first attempt one protocol and, if that fails, will then automatically attempt the other protocol. In principle, FTOOLS linked with the updated library — and scripts that use them — should not need to be changed because of the transition.

What You Can Do

We strongly urge users to check for any FTP dependencies in their scripts and processes that access the HEASARC. You should update any scripts which use WGET or CURL immediately, but please check whether the FTPS software you plan to use is compatible with the HEASARC's implementation.

Try one or both of the following commands:

   curl --ftp-ssl -o sv.fits.Z ftp://heasarc.gsfc.nasa.gov/rosat/data/pspc/processed_data/200000/rp200686n00/rp200686n00_im1.fits.Z
or
   wget ftps://heasarc.gsfc.nasa.gov/rosat/data/pspc/processed_data/200000/rp200686n00/rp200686n00_im1.fits.Z

to retrieve a particular ROSAT image, for example. WGET added support for FTPS in version 1.17. You can check which version of WGET you have with 'wget --version'.

If you have questions or encounter problems, please contact the HEASARC Help Desk.


HEASARC Home | Observatories | Archive | Calibration | Software | Tools | Students/Teachers/Public

Last modified: Monday, 08-May-2023 21:32:18 EDT