Mailinglist Archive: opensuse (3560 mails)
| < Previous | Next > |
[opensuse] FTP access via SSH tunnel
- From: Matthew Stringer <qube@xxxxxxxxxxxxxx>
- Date: Tue, 17 Apr 2007 23:02:37 +0100
- Message-id: <200704172302.37550.qube@xxxxxxxxxxxxxx>
Hi,
I've several oS10.2 boxes running pure-ftpd. they're sat behind a firewall
that only allows access to the FTP service from certain IP addresses.
What I'm hoping to achieve is to create a bastion host box that allows SSH
connections from anywhere, I can then create users on that box who'll be able
to create an SSH tunnel to the FTP machines.
So ssh -L 21:FTP-Machine:21 user@bastion to create the tunnel.
then ftp to localhost should connect you.
I've read several how-to's which suggest the above will work fine, and
although I can connect I can't actually do anything.
ayane:/etc/ssh # ftp localhost
Trying 127.0.0.1...
Connected to localhost.
220-Welcome to Pure-FTPd.
220-You are user number 1 of 10 allowed.
220-This is a private system - No anonymous login
Name (localhost:root): matts
331 User matts OK. Password required
Password:
230-User matts has group access to: users
230-This server supports FXP transfers
230 OK. Current restricted directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Extended Passive mode OK (|||43818|)
425 Can't create the data socket: Invalid argument
200-FXP transfer: from xxx.xxx.xxx.xxx to 127.0.0.1
200 PORT command successful
425 Could not open data connection to port 11573: Connection refused
ftp>
I can't use sftp or something else due to the specific ftp client my users
have, I can't alter the FW to allow access from my users IP's as they're on
dynamic connections.
Can someone suggest a way forward, would be quite useful to get this working.
Matthew
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
I've several oS10.2 boxes running pure-ftpd. they're sat behind a firewall
that only allows access to the FTP service from certain IP addresses.
What I'm hoping to achieve is to create a bastion host box that allows SSH
connections from anywhere, I can then create users on that box who'll be able
to create an SSH tunnel to the FTP machines.
So ssh -L 21:FTP-Machine:21 user@bastion to create the tunnel.
then ftp to localhost should connect you.
I've read several how-to's which suggest the above will work fine, and
although I can connect I can't actually do anything.
ayane:/etc/ssh # ftp localhost
Trying 127.0.0.1...
Connected to localhost.
220-Welcome to Pure-FTPd.
220-You are user number 1 of 10 allowed.
220-This is a private system - No anonymous login
Name (localhost:root): matts
331 User matts OK. Password required
Password:
230-User matts has group access to: users
230-This server supports FXP transfers
230 OK. Current restricted directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Extended Passive mode OK (|||43818|)
425 Can't create the data socket: Invalid argument
200-FXP transfer: from xxx.xxx.xxx.xxx to 127.0.0.1
200 PORT command successful
425 Could not open data connection to port 11573: Connection refused
ftp>
I can't use sftp or something else due to the specific ftp client my users
have, I can't alter the FW to allow access from my users IP's as they're on
dynamic connections.
Can someone suggest a way forward, would be quite useful to get this working.
Matthew
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |