Re: ssh forwarding and ftp



I have looked at sftp.  I've had just as much trouble with it.  I've added
the subsystem:

Subsystem	sftp	/usr/libexec/sftp-server

and I get this when I do it locally:

squishy /home/koree > sftp ameth.org
Connecting to ameth.org...
Welcome to
 _______               __         __
|     __|.-----.--.--.|__|.-----.|  |--.--.--.
|__     ||  _  |  |  ||  ||__ --||     |  |  |
|_______||__   |_____||__||_____||__|__|___  |
            |__|                       |_____|

koree@ameth.org's password:
Request for subsystem 'sftp' failed on channel 0
Connection closed

And this when I try to do it from another machine running openssh...

sftp> ls
Warning: child process (ssh2) exited with code 0.

I'm digging around for info.

Koree
____________________________________
Koree A. Smith  | Ameth Technologies
koree@koree.net | koree@ameth.org
     http://www.koree.net/

"With my feet upon the ground I move myself
between the sounds and open wide to suck it in,
I feel it move across my skin.
I'm reaching up and reaching out,
I'm reaching for the random or what ever will bewilder me.
And following our will and wind we may just go where no one's been.
We'll ride the spiral to the end and may just go where no one's been."

On Sat, 6 Apr 2002, Jamon Terrell wrote:

> I'm not quite sure why you want to do this, but it seems as though you're trying to do secure file
> transfers via ftp protocol.  Though I see you've figured this out already, you might want to look at the
> sftp command, based off of the ssh protocol.  This has two nice advantages over ftp: first, it's
> natively encrypted, so it's not complicated to set up a port forward to do it; second, it actually USES
> the ssh protocol and thus its port to do its functions, meaning you don't have to open another port
> (several reasons for this which I won't go into right now).  I can however see situations where you'd
> need to do it by forwarding instead of sftp, for example if the box is behind a firewall (which runs
> ssh), but the box itself does not run ssh, or is even a Windows box.
>
> anyway, enough rambles for me today...
> --Jamon Terrell
>
>
> 4/5/2002 8:14:48 PM, KoReE <koree@ameth.org> wrote:
>
> >Alright, I got it fixed....at least with proftpd.  The
> >"AllowForeignAddress on" should be in the global or virtualhost section of
> >the proftpd config.  So, if anyone else tries to do this, make sure you
> >make that change and restart the server.
> >
> >Koree
> >
> >On Fri, 5 Apr 2002, KoReE wrote:
> >
> >> Wow, I feel like I'm talking to myself when I keep replying to my own
> >> messages :D Many of the pages that document connecting to proftpd say that
> >> "AllowForeignAddress on" should be specified in the config for proftpd for
> >> ssh forwarding to work.  Well, I did this, and restarted proftpd, and it
> >> did not help.  Same error.  Anyway, just wanted to give a heads up to
> >> anyone else trying to do this.
> >>
> >> Koree
> >>
> >> On Fri, 5 Apr 2002, KoReE wrote:
> >>
> >> > This is even stranger output when using a slightly different command line:
> >> >
> >> > squishy /home/koree > ssh -C -f -L 6021:euclid.mvn.net:21 -l koree euclid.mvn.net sleep 5 ; ftp localhost 6021
> >> > koree@euclid.mvn.net's password:
> >> > Trying ::1...
> >> > Connected to localhost.
> >> > 220 euclid.mvn.net FTP server (Version 6.2/OpenBSD/Linux-0.11) ready.
> >> > Name (localhost:koree): koree
> >> > 331 Password required for koree.
> >> > Password:
> >> > 230- Welcome to Euclid
> >> > 230 User koree logged in.
> >> > Remote system type is UNIX.
> >> > Using binary mode to transfer files.
> >> > ftp> ls
> >> > 500 'EPSV': command not understood.
> >> > 500 'LPSV': command not understood.
> >> > 500 'EPRT |2|::1|2181|': command not understood.
> >> > 500 'LPRT 6,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,2,8,133': command not understood.
> >> > ftp: bind: Address already in use
> >> > ftp>
> >> >
> >> > I know this has something to do with the helper ports that ftp calls up
> >> > for data transfers, but I don't know how to make this work.  All of the
> >> > instructions I see around the net tell me to do little more than a command
> >> > line like the above, and make sure passive mode is on.
> >> >
> >> > Koree
> >> >
> >> > On Fri, 5 Apr 2002, KoReE wrote:
> >> >
> >> > > Okay, so I've always wanted to do this, but been too lazy.  I've been
> >> > > trying to set up a port-forwarded ftp session all friggin' night, and
> >> > > while it works, it doesn't work.  Here's an example session:
> >> > >
> >> > > koree@euclid:~ > ssh -L 6021:ameth.org:21 -l koree ameth.org
> >> > > koree@ameth.org's password:
> >> > > Last login: Fri Apr  5 18:56:41 2002 from dns.scrivner.com
> >> > >
> >> > > etc...I know I could put that in the background, etc, but I'm not worried
> >> > > about that right now.  So, I open up another term to euclid and ftp to
> >> > > localhost, port 6021:
> >> > >
> >> > > koree@euclid:~ > ftp localhost 6021
> >> > > Connected to localhost.
> >> > > 220 ProFTPD 1.2.4 Server (ameth.org) [ameth.org]
> >> > > Name (localhost:koree): koree
> >> > > 331 Password required for koree.
> >> > > Password:
> >> > > 230 User koree logged in.
> >> > > Remote system type is UNIX.
> >> > > Using binary mode to transfer files.
> >> > > ftp>
> >> > >
> >> > > Woohoo!! I'm in!!
> >> > >
> >> > > Next, I check passive mode:
> >> > >
> >> > > ftp> passive
> >> > > Passive mode on.
> >> > >
> >> > > Yeehaw!!  It's on
> >> > >
> >> > > Next, I do an ls:
> >> > >
> >> > > ftp> ls
> >> > > 227 Entering Passive Mode (206,152,121,49,8,98).
> >> > >
> >> > > And it hangs....and hangs......and hangs......it's still hanging right
> >> > > now.
> >> > >
> >> > > So, I stop it and turn passive mode off:
> >> > >
> >> > > ftp> passive
> >> > > Passive mode off.
> >> > > ftp> ls
> >> > > 500 Illegal PORT command.
> >> > > ftp: bind: Address already in use
> >> > >
> >> > > This is the point where I turn to whiskey...
> >> > >
> >> > > Anyone have *any* idea what I need to do here?  What I'm missing?
> >> > >
> >> > > Koree
> >> > >
> >> > > -
> >> > > To unsubscribe, send email to majordomo@silug.org with
> >> > > "unsubscribe silug-discuss" in the body.
> >> > >
>
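
Added example (not part of the original thread or any poster's code): decoding the data-channel endpoints in the FTP replies quoted above shows that none of them is the one local port carried by the ssh -L forward, so the data connection is not carried by the tunnel. The function names and the forwarded-port set are assumptions made for this illustration; the reply strings come from the session output in the thread.

```python
import ipaddress
import re

def parse_pasv(reply):
    """RFC 959 '227 ... (h1,h2,h3,h4,p1,p2)' -> (host, port)."""
    m = re.search(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)", reply)
    if not m:
        raise ValueError("no PASV address in reply")
    n = [int(x) for x in m.groups()]
    if max(n) > 255:
        raise ValueError("PASV field out of range")
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def parse_eprt(arg):
    """RFC 2428 '|af|addr|port|' -> (host, port)."""
    _, _af, addr, port, _ = arg.split(arg[0])
    return str(ipaddress.ip_address(addr)), int(port)

def parse_lprt(arg):
    """RFC 1639 'af,hal,h1..hn,pal,p1..pn' -> (host, port)."""
    n = [int(x) for x in arg.split(",")]
    hal = n[1]                      # host address length in bytes
    pal = n[2 + hal]                # port length in bytes
    host = ipaddress.ip_address(bytes(n[2:2 + hal]))
    port = int.from_bytes(bytes(n[3 + hal:3 + hal + pal]), "big")
    return str(host), port

def rides_tunnel(endpoint, forwarded_local_ports):
    """True only if the endpoint is a loopback port that ssh is forwarding."""
    host, port = endpoint
    return ipaddress.ip_address(host).is_loopback and port in forwarded_local_ports

# Values from the session output quoted in the thread.
PASV_REPLY = "227 Entering Passive Mode (206,152,121,49,8,98)."
EPRT_ARG = "|2|::1|2181|"
LPRT_ARG = "6,16," + "0," * 15 + "1,2,8,133"   # same ::1 / port 2181 endpoint in LPRT form
FORWARDED = {6021}                              # local side of `ssh -L 6021:...:21`

def report():
    """Return (command, (host, port), tunnelled?) for each data endpoint."""
    endpoints = (("PASV", parse_pasv(PASV_REPLY)),
                 ("EPRT", parse_eprt(EPRT_ARG)),
                 ("LPRT", parse_lprt(LPRT_ARG)))
    return [(name, ep, rides_tunnel(ep, FORWARDED)) for name, ep in endpoints]

if __name__ == "__main__":
    for name, (host, port), tunnelled in report():
        print(f"{name}: data channel {host}:{port} tunnelled={tunnelled}")
```
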