Re: sftp ls stalls with certain IP configurations

From: Jonathan Greenberg (greenberg@ucdavis.edu)
Date: 02/21/03 

From: Jonathan Greenberg <greenberg@ucdavis.edu>
Date: Fri, 21 Feb 2003 17:53:26 GMT

But this doesn't explain why I CAN connect to my machine via ssh and sftp
and only "ls" fails when connecting from the outside world. Any ideas why
this might be?

--j

On 2/20/03 8:29 PM, in article m1ladgqcl3h.fsf@syrinx.oankali.net, "Richard
E. Silverman" <slade@shore.net> wrote:

>
>> Sftp username@(earthlink assigned internal dynamic ip)
>> Type password, type "ls", all still works fine.
>>
>> sftp username@(my dynamic ip as seen from the outside world) (from outside
>> Earthlink, usually from campus -- this external ip is NOT the same as the
>> internal earthlink assigned ip)
>
> If the address assigned to your machine (by DHCP, PPP, or whatever) is not
> the same as what appears as the source address for connections initiated
> from that machine to elsewhere, then there is a NAT gateway between you
> and the outside world. Some ISP's do this as a matter of course. It's
> evil, because NAT is evil: you are not getting full IP connectivity to the
> Internet for your money. You will not be able to make any connections to
> your machine from elsewhere; you have (limited) outbound connectivity
> only.
>
> Using the "external dynamic IP" (as you're calling it) on your machine is
> meaningless; that address (if it's even always the same, which is
> unlikely) only corresponds to your machine on the other side of the NAT
> gateway, and only in the context of existing nat'ed network flows (TCP
> connections, UDP query/response pairs, etc.).

Relevant Pages

  • Re: sftp ls stalls with certain IP configurations
    ... >>sftp username@(from outside ... because NAT is evil: you are not getting full IP connectivity to the ... > Internet for your money. ... You will not be able to make any connections to ...
    (comp.security.ssh)
  • Re: Demand-dial Interface and/or new Broadband connection?
    ... Review the article in the link below from Microsoft on how to configure NAT ... You should only have to create the network ... connections in "network connections" for NAT. ... > Internet through the Windows Server 2003 machine. ...
    (microsoft.public.windows.server.networking)
  • Re: Looking for program that emails me when dhcp addr changes
    ... to the Internet, not in the way God intended. ... participate in TCP connections or UDP conversations it initiates but ... The sheer ugliness of NAT is breathtaking. ... broadcast, push-only model of content distribution, helping turn the Net ...
    (comp.security.ssh)
  • Selective source-NAT from Internet to internal host
    ... I have a Cisco 1605R which has a single public (Internet facing) IP address. ... I've configured IP NAT rules such that a connection from the Internet to ... Internet hosts making these connections - however, ... (Excerpt from my IOS config attached below) ...
    (comp.dcom.sys.cisco)
  • Re: difference between FTP and SFTP
    ... FTP can use Active or Passive ... Is SFTP also supports such modes? ... Active vs passive has to do whether both the server and the client ... make connections or only the client makes ...
    (perl.beginners)