Re: FTP/SSH question

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 04/27/04


Date: Tue, 27 Apr 2004 02:17:22 +0000 (UTC)

In article <_Kijc.14007$e4.9848@newsread2.news.pas.earthlink.net>,
someone <someone@somewhere.com> wrote:
>What does it mean to connect to a server through FTP over SSH2 and using
>port 21? Is that port forwarding?

Yes, but because FTP is a pathologically evil protocol (at least as far
as firewalling and proxying is concerned :-) the SSH software needs
application-specific knowledge (ie the ability to decode the PORT
and PASV commands and act on them) in order to successfully forward it.

Not all clients have the ability. OpenSSH doesn't. I think the SSH.com
v2 clients do. Not sure about any others.

>By the way, that server does not accept sftp or scp, it accepts regular
>FTP clients on port 21 and FTP over SSH2 clients on port 21 as well. And
>the only client that I know work with it is SecureFx
><http://www.vandyke.com/products/securefx>.

Apparently this does too.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


Relevant Pages

  • Re: ftp Issue
    ... If your FTP server has only the regular port it will not be able to accept ... Passive is good fro clients bad ...
    (microsoft.public.windowsxp.general)
  • Re: Forward ftp request another server
    ... > I would like to forward ftp request to other server's other port to improve ... You know there are two ports involved with ftp; ... clients are more typically unable to use active mode. ... ftp will need to work very closely with the NAT firewall. ...
    (Focus-Linux)
  • Re: FTP/SSH question
    ... Is that port forwarding? ... but because FTP is a pathologically evil protocol (at least as far ... Not all clients have the ability. ... Good judgement comes with experience. ...
    (comp.security.misc)
  • Re: FTP/SSH question
    ... Is that port forwarding? ... but because FTP is a pathologically evil protocol (at least as far ... Not all clients have the ability. ... Good judgement comes with experience. ...
    (comp.security.unix)
  • Re: FTP access via ISA(proxy)
    ... The funny thing is I personally have Proxy 2.0 and can FTP via that.. ... My understanding was that IE was port mode unless you set the PASV setting ... this is a good lead into why your Domain Host clients ...
    (microsoft.public.isa)