mindterm client <> ssh client

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
dear all,

i have the following architecture:

Machine A --- Firewall -- Machine B --- internet --- external ftp site

Machina A is fedora core 3
Machine B is red hat 9

I would like to use ssh port forwarding in order to sit on Machine A
and type:

ftp 21

and get a login prompt from the external ftp site (through machine B)

the problem is: if i use the minderm java ssh client port forwarding
works nicely with ftp (both passive and active mode).

if i use the standard ssh client that come with fedora core 3 it works
with a lot of protocol but not with ftp.

i can imagine that this is related to the nature of ftp but my question is:
why mindterm do port forwarding with ftp but ssh client from the console

i tried option -g (man ssh) but nothing change...

i red about an ftp plugin in the mindterm client...but what is it exactly?


Re: mindterm client <> ssh client

Quoted text here. Click to load it

FTP is extremely portforward (and firewall) unfriendly: It embeds IP
addresses and port numbers in the control stream.

Some SSH implementations have code in them to specifically understand
the FTP protocol and react accordingly.  OpenSSH doesn't.

Quoted text here. Click to load it

That's probably what I mentioned above.

If your FTP client supports passive mode and SOCKS (or if you use
an external SOCKSifer such as "runsocks" or "socksify") then ssh's
DynamicForward should work.

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Re: mindterm client <> ssh client

Quoted text here. Click to load it

It is a port forward with a sepcial filter on top of it. This filter
understands the FTP protocol and opens/closes additional port-forwards as
neccessary. It also modifies the FTP command stream so that both ends
see the correct host/port combinations.

So by looking at and modifying the FTP command stream we can stear the
data streams into our tunnels.


Site Timeline