Re: Reverse ftp over ssh does send files
On Fri, 2003-07-18 at 13:29, Shaul Karl wrote: On Fri, Jul 18, 2003 at 01:39:10AM +0300, Micha Feigin wrote: I am aware of sftp, only for the specific computer I am trying to connect to, when I try to connect over sftp the connection locks up. I can't connect directly back to my computer since I am conection through the isp NAT and an extra home NAT which resalts with my computer having to reachable address as far as the remote is concered. The remote computer only allows conections over ssh, so I am looking for a way to tunnel some kind of file send protocol (ie ftp, tftp) over ssh in the reverse direction, where I can run any server I want. I need to transfer files in both directions, and I guess I can write a program to do this, but I'd rather not rewrite ftp. can tftp both send and recieve files and will it run over the reveresed ssh connection, or any other ideas on how to achive what I am trying to do? I am confused. Allow me to revisit the problem: Machine A --- network cloud --- home gateway --- Machine B In addition to the above, B is masqueraded, right? Now B can ssh A while A can not ssh B, right? You want that B will be able to send files to A and that A will be able to send files to B, but currently one of those 2 directions is not working. Which direction is not working? Currently both directions don't work. In addition the only way to connect to Machine A is using ssh, and sftp locks up so thats no option either. Its fire walled so writing my own simple ftp clone won't work (could maybe tunnel that over ssh). There is supposed to be a web interface for that, but couldn't get it to work. As for the earier talk about tunneling ftp, I tried to reverse the directions appearing in several HOWTOs saying to use: ssh -L 1234:localhost:21 remote and then ftp localhost 1234 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 19 Jul 2003 00:20:50 +0300, Micha Feigin [EMAIL PROTECTED] wrote: I am confused. Allow me to revisit the problem: Machine A --- network cloud --- home gateway --- Machine B In addition to the above, B is masqueraded, right? If you have pop mail on machine A or B, you can use the mail to transfer the files you want. Assuming you have mail with pop on machine B, Tunnel both the 25 and 110 ports to any free ports on machine A (e.g. 10025 and 10110). From machine A tunnel those ports to machine B 25 and 110. Now you have mail (25) and pop (110) from your originator (O) machine to machine B. To transfer file from O to B send it by any mail client on O to yourself on B (remember, the mail server on B sees your O client as local client) and read it with a mail client on B. To transfer file from B to O, send it to yourself on B and pop it with your mail client on O. Ehud. - -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ mailto:[EMAIL PROTECTED] Better Safe Than Sorry -BEGIN PGP SIGNATURE- Comment: use http://www.keyserver.net/ to get my key (and others) iD8DBQE/GtXlLFvTvpjqOY0RAvnsAJ9wMRtvt4brzBgFsSl9vvsT6Dl+6ACeICPZ d3wi9+eyOANwqd+XE77Kpc0= =3H+D -END PGP SIGNATURE- = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
On Fri, Jul 18, 2003 at 01:39:10AM +0300, Micha Feigin wrote: I am aware of sftp, only for the specific computer I am trying to connect to, when I try to connect over sftp the connection locks up. I can't connect directly back to my computer since I am conection through the isp NAT and an extra home NAT which resalts with my computer having to reachable address as far as the remote is concered. The remote computer only allows conections over ssh, so I am looking for a way to tunnel some kind of file send protocol (ie ftp, tftp) over ssh in the reverse direction, where I can run any server I want. I need to transfer files in both directions, and I guess I can write a program to do this, but I'd rather not rewrite ftp. can tftp both send and recieve files and will it run over the reveresed ssh connection, or any other ideas on how to achive what I am trying to do? I am confused. Allow me to revisit the problem: Machine A --- network cloud --- home gateway --- Machine B In addition to the above, B is masqueraded, right? Now B can ssh A while A can not ssh B, right? You want that B will be able to send files to A and that A will be able to send files to B, but currently one of those 2 directions is not working. Which direction is not working? -- Shaul Karl, [EMAIL PROTECTED] e t = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
On Thu, 2003-07-17 at 10:55, Shachar Shemesh wrote: Tzafrir Cohen wrote: On Thu, Jul 17, 2003 at 09:07:18AM +0300, guy keren wrote: On 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... why do you expect to be able to tunnet 'ftp' like that? ftp sends only commands via port 21. data is sent via a seperate connection (data is both the output of 'ls', and files you transfer with 'get' or 'put'). it looks like you _might_ be able to do what you wanted, _if_ your could force the 'data' port to always be the same port on the remote machine, and then tunnel that port too via ssh. if this is possible, perhaps someone on the list can show us how to do that. However IIRC there is no inherent limitation in the ssh protocol for starting tunnels on the fly. I vaugly recall that mindterm had a feature of on-the-fly creation of ssh tunnels for ftp connections. Though in their page I only see an ftp proxy mentioned: http://www.mindbright.se/mindterm/techspec.php There is no such limitation (from the openssh client, just type ENTER, ~, and do -L... or -l). However, like I said in a different post, that won't allow encrypted FTP. In order for that work, you need to translate the port and passive commands inside the control connection to have the new IP. Shachar The reverese FTP over actually worked when I tried it at home over two computers on my local network, so its not that, but something with either ssh or an authentication problem. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
On Thu, 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... I manage to open an ftp connection back to my computer and log in, but I can't seem to be able to do anything with it: Use scp to copy files over a SSH connection, not tunneling FTP. Alon -- This message was sent by Alon Altman ([EMAIL PROTECTED]) ICQ:1366540 GPG public key at http://alon.wox.org/pubkey.txt Key fingerprint = A670 6C81 19D3 3773 3627 DE14 B44A 50A3 FE06 7F24 -- -=[ Random Fortune ]=- QOTD: Do you smell something burning or is it me? -- Joan of Arc = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
Alon Altman wrote: On Thu, 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... I manage to open an ftp connection back to my computer and log in, but I can't seem to be able to do anything with it: Use scp to copy files over a SSH connection, not tunneling FTP. Alon If you want an interface consistant with FTP, use SFTP. Read Alon's reply to see why this is necessary. Alon does have one bit of information wrong, however. Even if you could set the port number in advance, it would still not work. In order for it to work you would also need to change the actual data passed inside the control connection. About six years ago, I was able to encrypt the control connection, while passing the data in the clear. I suspect, in retrospect, that the only reason I could do that was that the FTP servers of those days did not try to protect themselves against bounce attacks. It should be pretty much impossible with modern FTP servers. Shachar -- Shachar Shemesh Open Source integration consultant Home page resume - http://www.shemesh.biz/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
On Thu, Jul 17, 2003 at 09:07:18AM +0300, guy keren wrote: On 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... why do you expect to be able to tunnet 'ftp' like that? ftp sends only commands via port 21. data is sent via a seperate connection (data is both the output of 'ls', and files you transfer with 'get' or 'put'). it looks like you _might_ be able to do what you wanted, _if_ your could force the 'data' port to always be the same port on the remote machine, and then tunnel that port too via ssh. if this is possible, perhaps someone on the list can show us how to do that. However IIRC there is no inherent limitation in the ssh protocol for starting tunnels on the fly. I vaugly recall that mindterm had a feature of on-the-fly creation of ssh tunnels for ftp connections. Though in their page I only see an ftp proxy mentioned: http://www.mindbright.se/mindterm/techspec.php -- Tzafrir Cohen +---+ http://www.technion.ac.il/~tzafrir/ |vim is a mutt's best friend| mailto:[EMAIL PROTECTED] +---+ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
Tzafrir Cohen wrote: On Thu, Jul 17, 2003 at 09:07:18AM +0300, guy keren wrote: On 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... why do you expect to be able to tunnet 'ftp' like that? ftp sends only commands via port 21. data is sent via a seperate connection (data is both the output of 'ls', and files you transfer with 'get' or 'put'). it looks like you _might_ be able to do what you wanted, _if_ your could force the 'data' port to always be the same port on the remote machine, and then tunnel that port too via ssh. if this is possible, perhaps someone on the list can show us how to do that. However IIRC there is no inherent limitation in the ssh protocol for starting tunnels on the fly. I vaugly recall that mindterm had a feature of on-the-fly creation of ssh tunnels for ftp connections. Though in their page I only see an ftp proxy mentioned: http://www.mindbright.se/mindterm/techspec.php There is no such limitation (from the openssh client, just type ENTER, ~, and do -L... or -l). However, like I said in a different post, that won't allow encrypted FTP. In order for that work, you need to translate the port and passive commands inside the control connection to have the new IP. Shachar -- Shachar Shemesh Open Source integration consultant Home page resume - http://www.shemesh.biz/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
On Thu, 2003-07-17 at 10:08, Shachar Shemesh wrote: Alon Altman wrote: On Thu, 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... I manage to open an ftp connection back to my computer and log in, but I can't seem to be able to do anything with it: Use scp to copy files over a SSH connection, not tunneling FTP. Alon If you want an interface consistant with FTP, use SFTP. Read Alon's reply to see why this is necessary. Alon does have one bit of information wrong, however. Even if you could set the port number in advance, it would still not work. In order for it to work you would also need to change the actual data passed inside the control connection. About six years ago, I was able to encrypt the control connection, while passing the data in the clear. I suspect, in retrospect, that the only reason I could do that was that the FTP servers of those days did not try to protect themselves against bounce attacks. It should be pretty much impossible with modern FTP servers. Shachar I am aware of sftp, only for the specific computer I am trying to connect to, when I try to connect over sftp the connection locks up. I can't connect directly back to my computer since I am conection through the isp NAT and an extra home NAT which resalts with my computer having to reachable address as far as the remote is concered. The remote computer only allows conections over ssh, so I am looking for a way to tunnel some kind of file send protocol (ie ftp, tftp) over ssh in the reverse direction, where I can run any server I want. I need to transfer files in both directions, and I guess I can write a program to do this, but I'd rather not rewrite ftp. can tftp both send and recieve files and will it run over the reveresed ssh connection, or any other ideas on how to achive what I am trying to do? thanx = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Reverse ftp over ssh does send files
I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... I manage to open an ftp connection back to my computer and log in, but I can't seem to be able to do anything with it: michf ftp localhost 1234 Connected to localhost.localdomain. 220 litshi.luna.local FTP server (Version 6.4/OpenBSD/Linux-ftpd-0.17) ready. 500 'AUTH GSSAPI': command not understood. 500 'AUTH KERBEROS_V4': command not understood. KERBEROS_V4 rejected as an authentication type Name (localhost:michf): micha 331 Password required for micha. Password: 230- Linux litshi 2.5.75 #1 Mon Jul 14 01:16:41 IDT 2003 i686 GNU/Linux 230- 230- 230 User micha logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp ls 227 Entering Passive Mode (192,168,0,3,212,60) Long wait here ftp: connect: No route to host Just can't seem to ls/wget/get etc. anything = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Reverse ftp over ssh does send files
On 17 Jul 2003, Micha Feigin wrote: I try to connect to a remote computer using ssh and then tunnel the ftp connection back to by computer using ssh -R 1234:local machine:21 ... why do you expect to be able to tunnet 'ftp' like that? ftp sends only commands via port 21. data is sent via a seperate connection (data is both the output of 'ls', and files you transfer with 'get' or 'put'). it looks like you _might_ be able to do what you wanted, _if_ your could force the 'data' port to always be the same port on the remote machine, and then tunnel that port too via ssh. if this is possible, perhaps someone on the list can show us how to do that. -- guy For world domination - press 1, or dial 0, and please hold, for the creator. -- nob o. dy = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]