Opened 20 years ago

Last modified 15 years ago

#1594 closed Feature request

Support for SSH tunnelled ftp.

Reported by: rasjidw Owned by:
Priority: normal Component: Other
Keywords: Cc: rasjidw, Tim Kosse
Component version: Operating system type:
Operating system version:


Could I suggest that the FileZilla Client ignores the
IP address returned by an FTP server in response to
the PASV command, and just uses the port number
returned with the original IP address for the
connection? Or that this is at least an configuration

This would enable to use SSH port forwarding to
connect to an ftp server behind a firewall in passive
mode with all traffic encrypted.

(This does assume that the ftp server concerned has a
small defined range of ports it uses for passive mode.)

eg, Suppose I have a SSH link between Box A and Box B,
with port 21 and the defined range of passive ports
port forwarded from A to B (ports 4096-5000 say).
Suppose Box B has an internal IP address of

On Box A, if I connect to 'localhost:21', everything
is fine until the PASV command, when Box B returns:
227 Entering Passive mode (192,168,3,47,16,0).

If FileZilla ignored the IP address returned, and just
used the IP address of the original connection (in
this case with port 4096 (as returned by
the passive command) then everything would be really
cool, and ftp over a ssh forwarded connection would


Change History (1)

comment:1 by Tim Kosse, 15 years ago

FTP has not been designed to be used like this, won't be

Note: See TracTickets for help on using tickets.