On Tue, Aug 2, 2011 at 1:56 PM, Taylor Hedberg <tmhedberg@gmail.com> wrote:
Maybe somebody has a better solution than this, but to me, the following would be the obvious approach.
If host "A" is the fully firewalled server that hosts the FTP directory, and server "B" is the server on which port 80 is accessible, then:
1. Run an FTP daemon on server A which limits access to the users you specify 2. On server B:
ssh -L :80:A:21
where "A" is the IP address or hostname of server A
would also need the host to connect to, `A:21` is only the forwarding spec: ssh -CNfc arcfour -L 80:A:22 USER@A ... is what you'd want.
Then, clients can FTP to port 80 on server B and their traffic will be forwarded to the FTP daemon on A.
but don't use antiquated FTP, require the use of SFTP for: 1) simplicity 2) security 3) speed 4) SSH -based ... FTP opens oodles of slow connections per session, and would require fancier forwarding (at least 2 ports) C Anthony