[arch-general] tunneling help needed (ssh?)
C Anthony Risinger
anthony at xtfx.me
Tue Aug 2 15:13:03 EDT 2011
On Tue, Aug 2, 2011 at 1:56 PM, Taylor Hedberg <tmhedberg at gmail.com> wrote:
> Maybe somebody has a better solution than this, but to me, the following
> would be the obvious approach.
>
> If host "A" is the fully firewalled server that hosts the FTP directory,
> and server "B" is the server on which port 80 is accessible, then:
>
> 1. Run an FTP daemon on server A which limits access to the users
> you specify
> 2. On server B:
>
> ssh -L :80:A:21
>
> where "A" is the IP address or hostname of server A
would also need the host to connect to, `A:21` is only the forwarding spec:
ssh -CNfc arcfour -L 80:A:22 USER at A
... is what you'd want.
> Then, clients can FTP to port 80 on server B and their traffic will be
> forwarded to the FTP daemon on A.
but don't use antiquated FTP, require the use of SFTP for:
1) simplicity
2) security
3) speed
4) SSH -based
... FTP opens oodles of slow connections per session, and would
require fancier forwarding (at least 2 ports)
C Anthony
More information about the arch-general
mailing list