Support for SSH tunnelled ftp.
|rasjidw, Tim Kosse
|Operating system type:
|Operating system version:
Could I suggest that the FileZilla Client ignores the
IP address returned by an FTP server in response to
the PASV command, and just uses the port number
returned with the original IP address for the
connection? Or that this is at least an configuration
This would enable to use SSH port forwarding to
connect to an ftp server behind a firewall in passive
mode with all traffic encrypted.
(This does assume that the ftp server concerned has a
small defined range of ports it uses for passive mode.)
eg, Suppose I have a SSH link between Box A and Box B,
with port 21 and the defined range of passive ports
port forwarded from A to B (ports 4096-5000 say).
Suppose Box B has an internal IP address of
On Box A, if I connect to 'localhost:21', everything
is fine until the PASV command, when Box B returns:
227 Entering Passive mode (192,168,3,47,16,0).
If FileZilla ignored the IP address returned, and just
used the IP address of the original connection (in
this case 127.0.0.1) with port 4096 (as returned by
the passive command) then everything would be really
cool, and ftp over a ssh forwarded connection would