Eduardo Gargiulo <ejg-debian@ar.homelinux.org> [2002-08-28 11:58:27 -0400]: > I need to forward ftp port with ssh. It requires that ftp server allows > passive connections. How can I configure proftpd to do that? Is there > someone in the list that help me with this problem? > I'm running debian/potato and proftpd 1.2.0pre10-2.0 Even passive ftp is not enough to be able to forward through a specific port. The passive mode only specifies the 'direction' of the connections. But the connections still happen on random and unpredictable ports. The data is sent 'out of band' from the control. Which solves one problem but creates another. The one created is that the data is sent by a separate connection. In the kernel firewall rules an ftp module is loaded which dynamically tracks ftp connections, follows the activity, sees that a dynamic data connection is getting established, allows that one port through, etc. A specific module handles ftp specifically because it is so well known. But no ftp module for ssh forwarding exists. That would be interesting but not really needed. If you can ssh then you don't need ftp. Just use ssh copy 'scp' to copy the data. I recommend using 'rsync -e ssh' for a copy program will all of the functionality including kitchen sink thrown in. If you require an ftp like interface then use ssh ftp 'sftp' which uses ssh but with a new subsystem which provides an ftp like interface. Be forewarned however that sftp is not as mature of code and some issues such as performance are being worked upon. Bob
Attachment:
pgprJwTY4VsiT.pgp
Description: PGP signature