Dear all, How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that? Thanks for help, Vitaly.
Vitaly Shishakov wrote:
Dear all,
How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that?
Hi Vitaly, You should look into using scp (it comes with ssh). If you already have ssh installed try "man scp" to read more about scp. It's what your looking for (I hope). :) Good Luck, Richard -- << "I do not feel obliged to believe that >> << the same God who has endowed us >> << with sense, reason, and intellect has >> << intended us to forgo their use." >> --Galileo Galilei ---***---***---***---***---***---***---***---***---***---***---***--- Richard Witt Phone: (330) 672-0096 Dept. of Physics, Kent State University Email: witt@cnr2.kent.edu ---***---***---***---***---***---***---***---***---***---***---***---
How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that?
Hi Vitaly,
You should look into using scp (it comes with ssh).
If you already have ssh installed try "man scp" to read more about scp. It's what your looking for (I hope). :)
What solution do you recommend when there are Windows-Clients and users with low skills? mfg ar -- mailto:andreas@rittershofer.de http://www.rittershofer.de PGP-Public-Key http://www.rittershofer.de/ari.htm
Andreas Rittershofer wrote:
What solution do you recommend when there are Windows-Clients and users with low skills?
Hello Andreas, One could try: http://www.jfitz.com/tips/ssh_for_windows.html Freeware ssh/scp clients for windows. -Richard ---***---***---***---***---***---***---***---***---***---***---***--- Richard Witt Phone: (330) 672-0096 Dept. of Physics, Kent State University Email: witt@cnr2.kent.edu ---***---***---***---***---***---***---***---***---***---***---***---
How about sftp? Of course, then you need an sftp client... but I think if you search google, you can find them. - Herman On Wed, 20 Jun 2001, Andreas Rittershofer wrote:
How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that?
Hi Vitaly,
You should look into using scp (it comes with ssh).
If you already have ssh installed try "man scp" to read more about scp. It's what your looking for (I hope). :)
What solution do you recommend when there are Windows-Clients and users with low skills?
mfg ar
-- mailto:andreas@rittershofer.de http://www.rittershofer.de PGP-Public-Key http://www.rittershofer.de/ari.htm
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
On Wednesday 20 June 2001 11:35 am, Andreas Rittershofer wrote:
How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that?
Hi Vitaly,
You should look into using scp (it comes with ssh).
If you already have ssh installed try "man scp" to read more about scp. It's what your looking for (I hope). :)
What solution do you recommend when there are Windows-Clients and users with low skills?
mfg ar
PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/ Great client :) -Steven
Vitaly, scp is good if you know exactly what files you want to copy. If you prefer an interactive line-mode ftp-style mode of working then you can use sftp. Both server and client are included in the 7.2 openssh package, but some earlier versions only included the server. Bob On Wed, 20 Jun 2001, Vitaly Shishakov wrote:
Dear all,
How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that?
============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691
Vitaly Shishakov wrote:
Dear all,
How can arrange an FTP_over_SSH solution on my server. what server toolswould i need for that?
Thanks for help,
Vitaly.
Thank you all for response.
I used the advise below.
I tuned my ProFTPD so, that I allowed authorised logins only from
internal network and localhost,
and enabled that "AllowForeignAddress" feature, and disabled it for
annonymous logins, which are allowed from world-wide, like in the
following example. Hope this will work.
The other solution i use, is an FTP client from phpGroupware. (a
web-based groupware written in php, see
http://sf.net/projects/phpgroupware). I tuned it so, that it is
available only via https, and since the webserver and ftp-server are on
the same host, the described configuration lets authorized users to have
access to their home dirs via https.
############ cut samples from my /etc/proftpd.conf: ###########
AuthPAM on
AllowForeignAddress on
# Set the user and group that the server normally runs at.
User ftp
Group nogroup
.......etc.............
# deny login for everyone from Internet
<Limit LOGIN>
Order Allow,Deny
Allow from 192.168.0.,127.0.0.,
What i want to figure out, is that how should i make it in the way, i saw once in one company.
They used usual SSH port forwarding (using Secure CRT client for Windows) to access their web-server via ftp. (so, they just pointed their browsers to localhost:localport). Unfortunately, i do not remember, if they did it in active or passive mode, and i cant contact their former admins to figure out how they did it. sftp is a command line tool, and the solution described above should work with most FTP clients, (like Windows Commander in Windows)
I don't see how FTP can work with SSH's port forwarding, as you need to know the destination port beforehand in order to have sshd listen on that port. FTP's data connection setup always involves a dynamically assigned destination port, there's no difference between active and passive FTP there. The direction of the connection setup is different between the two, but the destination port is always dynamic and thus you'll have a hard time anticipating it. However, I suppose it is very possible to tunnel the FTP control connection via SSH and still have data transfer work, albeit *in the clear* outside of the tunnel. SSH does not parse the control connection in any way, so any PORT commands across it will arrive just fine and the data connection will be established outside of the SSH tunnel. This is what I expect happened at the shop you mention. But all of this is completely unproven and I haven't looked in any SSH documentation while writing this, so it's only a hunch.
Hi all, For tunneling a FTP connection via SSH, please have a look at http://www.ccp14.ac.uk/ccp14admin/security/secure_tunnelling_ftp.htm If you want a more flexible solution (easier to use), you can use sftp with a GUI frontend like iXplore from http://www.i-tree.org (Freeware) or even better (faster and more reliable during my testings) SecureFX from http://www.vandyke.com (30 day trial version). Cheers, Ralf
participants (6)
-
Andreas Rittershofer -
Bob Vickers -
Herman Knief -
Richard Witt -
Steven Hatfield -
Vitaly Shishakov