[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] secFTP not working on Qube2
- Subject: Re: [cobalt-security] secFTP not working on Qube2
- From: Jeff Lovell <jlovell@xxxxxxxxxx>
- Date: Tue, 24 Oct 2000 15:40:33 -0700
- Organization: Cobalt Networks, Inc.
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Mike Vanecek wrote:
>
> I added the following command to /etc/proftpd.conf in the Global section
>
> AllowForeignAddress on
>
> I am now able to do PASV ftps via ssh1 for registered users. I cannot do a
> ssh1 anonymous ftp, but then why would I want to?
>
> Active transfers still do not work. That gets us back to
>
> http://www.proftpd.org/proftpd-l-archive/00-08/msg00106.html
The like you provide above isn't quite the same as what you
are experiencing. The above discussion is about using active
ftp connections on a non-encrypted channel. Which does work
with the proftpd in patch 3.0.2-6449.
It seems that active FTP connections are not allowed over
ssh due to not being able to dynamically assign ports to
the ftp client. You can use a client that doesn't support
passive connections, but you must use the PORT command to
assign the data channel.
Here is a link to the SSH FAQ that might be able to
give you more insight.
http://www.employees.org/~satch/ssh/faq/
Jeff
--
Jeff Lovell
Cobalt Networks, Inc.