Re: [opensuse] FTP access via SSH tunnel

From: M Harris <harrismh777@xxxxxxxxxxxxx>
Date: Tue, 17 Apr 2007 18:19:37 -0500

On Tuesday 17 April 2007 17:02, Matthew Stringer wrote:

What I'm hoping to achieve is to create a bastion host box that allows SSH
connections from anywhere, I can then create users on that box who'll be
able to create an SSH tunnel to the FTP machines.

I have not run ftp /or telnet in production for years.

... the ssh tunnel is ok, but you could try scp instead of ftp.

In your situation you might try passive ftp... but either way its not the
best. From the looks of things the passive connection back is not working.
Standard ftp requires two sockets... one to make the connection (commands)
and the other to transmit the data... looks like the data socket isn't
authorized or is failing for some other reason. Are the boxes behind a
firewall on an 192.168 network using NAT (masquerading)? FTP does not
masquerade well without the ftp fix.

But back to my first point... really, IMHO you would do well to try scp. I
move files on my systems (even to the outside) exclusively with scp... its
the secure copy that ships with ssh.... can be compressed, encrypted, and
frankly is more flexible than FTP IMO.

--
Kind regards,

M Harris <><
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

Follow-Ups:
- Re: [opensuse] FTP access via SSH tunnel
  - From: Theo v. Werkhoven
- Re: [opensuse] FTP access via SSH tunnel
  - From: Matthew Stringer
- Re: [opensuse] FTP access via SSH tunnel - OT
  - From: Registration Account

References:
- [opensuse] FTP access via SSH tunnel
  - From: Matthew Stringer

Prev by Date: Re: [opensuse] Another problem authenticating with postfix.
Next by Date: Re: [opensuse] Can't make postfix to atutenficate to my ISP.
Previous by thread: [opensuse] FTP access via SSH tunnel
Next by thread: Re: [opensuse] FTP access via SSH tunnel - OT
Index(es):
- Date
- Thread

Relevant Pages

RE: Telnet/ftp problems SBS2000
... Please make sure your client computers are configured as both Firewall ... will find two options "Enable folder view for FTP sites" and "Use Passive ... that the control connection has been successfully established, ... (other than port 21) ...
(microsoft.public.windows.server.sbs)
Re: IPSwitch, Inc. WS_FTP Server
... > bounce attack as well as PASV connection hijacking. ... > The FTP bounce vulnerability allows a remote attacker to cause the ... > anonymously along with any internal addresses that the FTP server has ... That means it's got to handle a PORT ...
(Bugtraq)
Re: FTP question
... |> I have one server that has had connectivity issues this past week ... |> directed at trying yet another ftp software. ... |> or an error about the socket connection. ... |> own modem and a Linksey router using Xp 64bit system. ...
(microsoft.public.windowsxp.network_web)
Re: Does OpenSSH use RCP?
... TCP connection can be tuned for optimal performance. ... FTP command ... And then ssh comes along and crams interactive logins, ... straightjacket, but it's a really comfy and warm straightjacket, and the world ...
(comp.security.unix)
Re: Does OpenSSH use RCP?
... It's not "if I want to", it's rtfrfc: show me separate protocol ... I didn't say FTP was ugly, I said lack of another layer between ... >> One connection - one application model doesn't work, ... Same as FTP: multiple connections per session. ...
(comp.security.unix)