On Tuesday 17 April 2007 17:02, Matthew Stringer wrote:
What I'm hoping to achieve is to create a bastion host box that allows SSH connections from anywhere, I can then create users on that box who'll be able to create an SSH tunnel to the FTP machines. I have not run ftp /or telnet in production for years.
... the ssh tunnel is ok, but you could try scp instead of ftp. In your situation you might try passive ftp... but either way its not the best. From the looks of things the passive connection back is not working. Standard ftp requires two sockets... one to make the connection (commands) and the other to transmit the data... looks like the data socket isn't authorized or is failing for some other reason. Are the boxes behind a firewall on an 192.168 network using NAT (masquerading)? FTP does not masquerade well without the ftp fix. But back to my first point... really, IMHO you would do well to try scp. I move files on my systems (even to the outside) exclusively with scp... its the secure copy that ships with ssh.... can be compressed, encrypted, and frankly is more flexible than FTP IMO. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org