Hi,
On Sun, 24 Sep 2000, Daniel Woods wrote:
> To use SSH tunnelling for ftp, does it require that users have access
> to ftp on the server from their IP, or only access to SSH ? Meaning,
> does sftp or tunnelling only require ftp to be available for 127.0.0.1
> ? This way I can have tcp_wrappers restricted to only local ftp, but
> users can use SSH (sftp, tunnelling) to still use secure ftp (but not
> regular ftp) ?
SFTP != FTP (i.e. they are not interoperable in any way).
What I said concerns "ordinary" ftp over ssh (version 1 or 2 doesn't
matter, though ssh2 is more suited to build a complete proxy on top of).
SFTP is a totally different matter and in the case you have it installed
and your clients are sftp enabled you are fine. Though if you want to run
"ordinary" ftp tunneled (i.e. your users wants to use some "off the shelf"
ftp client for file transfer), what you describe is true, i.e. you can set
up the ftp server to listen on 127.0.0.1 on the machine containing a ssh
server and then use a ftp enabled ssh client to access it.
Cheers,
/Mats
