
MacOS High Sierra Kills Terminal FTP - helper
https://discussions.apple.com/thread/8093031
======
wtallis
The terminal application still includes ftp as an option in the "New Remote
Connection" dialog, but attempting to use it pops up a dead terminal window
with a "Command not found" error. Whoever decided to remove the command-line
ftp program didn't to a good job of cleaning up after themselves.

~~~
kalleboo
iOS has a bug like this where Game Center has a Facebook share link that
relies on the now-removed system Facebook login

------
pilif
High Sierra has also removed telnet which is useful not for unencrypted access
to remote shells, but for quick testing of TCP port availability at remote
end. Yes. There’s nc to do the same thing, but then there is also muscle-
memory built since the mid 90ies

On the other hand, I get where Apple is coming from: those two tools are
decades old and pretty much unmaintained. By not shipping them by default,
they can reduce the attack surface (code not shipped won’t have
vulnerabilities)

If you need command line FTP and telnet access, you can of course use homebrew
to get them back.

~~~
runjake
ln -s /usr/bin/nc /yourpath/bin/telnet

The command-line options are the same.

~~~
ztjio
Don't do this. Contrary to popular belief, telnet is a protocol beyond simply
opening a bidirectional pipe over a socket. There are negotiation steps and
the like.

Just install telnet if you need it. It's not like Apple actually wrote these
apps anyway. Install them trivially with brew, telnet, ftp, whatever old
garbage you need.

Funny thing is I just BARELY needed to install telnet. Well, "needed." I
wanted to relive some old BBS memories.

------
chmaynard
Apple engineers often make technical decisions that affect developers but go
unreported for various reasons. This seems like a classic example. When I
worked at Apple, some of us had a saying: "Apple knows what its users need and
we give it to them -- good and hard."

~~~
Doctor_Fegg
Yeah, the problem with High Sierra is that Apple forgot the “good”.

------
WhyNotHugo
Given that FTP is insecure, and we've had SFTP as a replacement since 1999, I
honestly don't see anything wrong here.

What's really a shame, is that so many providers still _only_ support FTP.

~~~
marmaduke
that’s a narrow view. Maybe I need to debug an old server on the intranet?
Maybe some provider only allows FTP downloads with checksums via HTTPS?

Protocols should become useless before dropping the client from standard
distributions.

~~~
sbierwagen
If you have ssh access, you have sftp access. If your company still uses
rlogin and ftp, then get a new job before they get hacked and blame whoever
touched the server last.

~~~
noobermin
I use a petaflop system everyday to run computational simulations. The tape
system is accessed via rcp because it's connected via intranet to the login
nodes. I'm not saying ftp over the internet has valid uses, it probably
doesn't, but if it's in a controlled environment, why not?

What's next, is mac going to obsolete telnet? There goes a host of quick tests
you can utilize on a home network.

~~~
dan1234
telnet doesn't exist on my Mac (High Sierra). It also doesn't exist on my
linux server (Debian 9).

Easily fixable with `brew install telnet` and `sudo apt install telnet`.

------
raverbashing
I'm with Apple on this, though obviously the decision wasn't communicated in s
transparent fashion

Haven't touched the ftp cmd line in 15 years, there are much better (and
safer) alternatives

------
joosters
In the old days, people complained when Microsoft added a program to their OS,
because it competed with third parties.

Nowadays, people complain when Apple removes a program from their OS, even
when there are plenty of third party options...

------
alt_f4
High Sierra - too secure for FTP, not secure enough to not allow root login
with a blank password

------
carlosrg
Why Apple doesn't release comprehensive release notes about this kind of
system-level changes? (Or maybe I've just missed them?) Why surprise the users
after they've upgraded?

~~~
chmaynard
A quick Google search came up with "macOS 10.13 High Sierra SDK Release
Notes":

[https://developer.apple.com/library/content/releasenotes/Gen...](https://developer.apple.com/library/content/releasenotes/General/RN-
macOSSDK-10.13/index.html)

Is this pathetic document the best Apple can do?

~~~
majewsky
That feeling when the release notes for programs you write for your own use
only are more comprehensive than those of a widely used desktop operating
system.

------
myrandomcomment
If you need ftp you should be smart enough to install it from home brew or
macports. Sloppy not removing it from the GUI however.

~~~
arbie
Why ship Terminal by default, then?

The vast majority of MacOS users will never launch it.

~~~
myrandomcomment
I really hope you are not being serious.

Well I cannot install the terminal without the terminal. :) brew install
terminal hum...

The fact of the matter is that FTP is pretty much a no-op for 99.9% of the
MacOS using public. Apple has to maintain, test, etc. everything they ship (I
hope..).

Now given that a Mac is pretty much the default laptop here in the valley for
SW dev, I would say unlike FTP, the terminal gets used.

Removing stuff that is not used by most of the users only makes sense. As long
as they do not stop a power user from installing what they want all is good.

------
damm
brew install lftp

ncftp is also a good choice; i can't speak for anything else as I haven't used
them.

~~~
amjd
Have you tested this on High Sierra? If it is a "more secure" operating system
like the link mentions, I was under the impression programs like these would
be blocked on the system level.

~~~
csydas
I appreciate you're being catty, but the idea is to not have it installed by
default where persons who aren't aware of it (majority of Mac users) may be
affected by whatever concern they have. Users who want or need FTP are likely
capable of finding any number of ways of bring it back to their system.

~~~
amjd
My question wasn't entirely snark. I was genuinely curious if Apple has made
it harder to install insecure programs like that. Otherwise, the move just
doesn't seem very effective to me.

------
tambourine_man
Which do you think is the more common scenario:

\- Being hacked by sending a mom-and-pop website password in clear text

\- Typing ftp twice at the command line, only to realize you need to install
brew and then ftp (or FileZilla, Cyberduck) on a foreign Mac

