FTP transfer on SSH tunnel

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I have a (propably) unusual situation and need your help getting this
through. Here=B4s the problem:

I have several Windows servers running FTP servers. Those servers are
used by one UNIX database box, which acts as a FTP client to get and
send files.

I want to make those transfers safe, and the first thought was to
migrate the FTP service to SCP. The solution would then require us to
buy all those Windows FTP server a SCP/SFTP Server license. Free
software is not an option (...).

What I want to do is to install a SSH client on my Windows server, and
estabilish a tunnel from them to my UNIX server. Then, redirect the FTP
requisitions started on the UNIX server to use the tunnel and get to
the correct Windows server, where it comes out the tunnel and is sent
to the FTP service.

In sum, the FTP server will be the SSH client (creating the tunnel),
and the FTP client will be the SSH server.

Is it possible? Is that reasonable?

Fernando Nachtigall

Re: FTP transfer on SSH tunnel

Fernando Nachtigall napsal(a):
Quoted text here. Click to load it
Tunneling FTP protocol is not good solution because of two FTP
connections and sending TCP/IP addresses in the control connection. (It
is possible to do it, but you need FTP protocol [port, pasv] commands
and replies manipulation or use something like FTP proxy.)

You should choose another secure protocol, e.g. FTPS (this is something
_else_ than SFTP). In this case SSL/TSL standardized extensions for FTP
protocol exist. Does windows FTP server support it (without additional

Or you has to secure lower layer under the FTP relation. Use any VPN
solution (IPsec, openvpn).


Site Timeline