Hi,
On Mon, 25 Sep 2000, Daniel Woods wrote:
> not what FrontPage (Yuck) or other HTML editors use. From my
> understanding of tunnelling, the user would have to open up a ssh
> session with my server first and then let their FTP client (or HTML
> editor) send the files. But first their SSH config for my site would
> have to set up port forwarding (tunnelling) from local 21 to remote
> server (which port ?).
Two cases:
1) Your ftp server is reachable directly from your users' machines AND
your users' ftp clients support passive mode AND your ftp server doesn't
mind data and command connections from different ip addresses (your ssh
server and your user's client).
Then what you describe is right e.g.
ssh -L 21:yourftpsrv:21 yoursshsrv
Will set up a tunnel which will forward the command channel of the ftp
connection. The data channels will go directly (unencrypted) to your ftpd.
2) Your ftp server is NOT reachable directly from your users' machines AND
your users' ssh client supports ftp proxying (e.g. MindTerm from
www.mindbright.se/mindterm can do passive mode ftp, I think vandyke has
this functionality too in their SSH2 stuff, haven't tested it).
Example: set up a local tunnel in MindTerm with protocol ftp on port 21
locally to port 21 on ftp server and point your ftp program (passive mode
enabled) to port 21 locally and you're fine.
Cheers,
/Mats
