Why don't you create an ssh tunnel between your two boxes and then
perform you ftp connection through there? This way, the connection would
be secure and you could impersonate whichever user you need to.

There is also a secure version of ftp, but I don't think that it can be
instantiated directly from PHP, and you would therefore have to run it
from a shell, which would give the same problems you have with ssh now.


php|architect - The magazine for PHP Professionals
The first monthly worldwide magazine dedicated to PHP programmers

Come visit us at!
--- Begin Message ---
My company, as a matter of policy, closes the ftp ports of the servers in the DMZ. 
However, I am not convinced that this is necessary, given the advent of very secure 
ftp servers. I would appreciate any comments on the security of an open ftp port. To 
relate this to php, I am ready to give up trying to make my 

system("scp ......");

code work, because I will have to give the apache user more permissions than I am 
comfortable with. So, I am thinking fo using php's ftp commands instead. I see nowhere 
in the documentation however, if the ftp_connect can be done via the ssh transport 
mechanism. Or, is this unnecessary, and can I use ftp (with plain text user and 
password passed to ftp_login()) on port 21 without worrying about getting hacked? 

muchas gracias

--- End Message ---
PHP General Mailing List (
To unsubscribe, visit:

Reply via email to