Topic "Passive mode + SSH tunneling set up with external tool."

Author Message
JCipriani
[View user's profile]

Joined: 2008-09-14
Posts: 3
I am using WinSCP 4.1.6 (Build 412). I am using PuTTY to set up SSH tunneling (using WinSCP to set it up is not an option). I am connecting to an FTP server using passive mode (the passive port is also forwarded through the tunnel). This means that the server's passive mode IP it provides is incorrect, it's the server's LAN IP on the other side of the tunnel but for this to work, WinSCP needs to override that and use 127.0.0.1 instead.

How do I configure this? The WinSCP documentation implies that it's possible to connect through a tunnel when using an external tool:

https://winscp.net/eng/docs/ui_login_tunnel#tunnel_options

Yet it doesn't describe how to set this up. Disabling tunneling in WinSCP does not work, of course, since WinSCP trusts that the passive IP sent from the server is correct (but it's not). Enabling tunneling but not entering any information also does not work, WinSCP won't connect and fails with a network error. Choosing "FTP" instead of "SFTP" as the file protocol (which is correct, it's FTP through the tunnel, not SFTP) removes the tunneling options entirely.

Really all I need is an option that lets me override the IP used for passive port connections for plain old insecure FTP connections. Without that option, it does not seem like WinSCP can actually be used to connect to an FTP server through an SSH tunnel set up by an external tool, as implied in the documentation. I feel like I must be missing something simple. I am looking at WinSCP as a free alternative to SmartFTP, which does support this configuration.

Thanks,
JC

Last edited by JCipriani on 2008-09-14 21:33; edited 1 time in total
Advertisements
JCipriani
[View user's profile]

Joined: 2008-09-14
Posts: 3
One more thing; I found the relevant FAQ entry here:

https://winscp.net/eng/docs/guide_tunnel

Unless I am missing something the instructions in this FAQ appear to be incomplete. The setup described in the FAQ would not, in fact, allow an FTP connection through an SSH tunnel set up by PuTTY, as they neglect to take care of setting up the second FTP data connection through the tunnel.

There are two options. One would be to set it up in active mode, requiring the client to accept incoming connections on some data port, which would require connections to the pass-through server from the FTP server to be forwarded back through the tunnel to the client (I do not know how to configure this in PuTTY, I don't even know if this is possible -- I am not an SSH tunneling expert). To support this option, however, you have to be able to tell WinSCP to always use a specified port/range of ports for accepting active mode data connections. The other is to set it up in passive mode, which requires a second outgoing port forward to be set up through the tunnel, and the ability to ignore the server's passive mode IP (which is the missing piece in my puzzle). The ability to also override the passive mode port is not necessary as long as you set up port forwarding to use the same local port number that the remote FTP server is using for passive connections.

In both cases, passive and active, WinSCP is either lacking the necessary options or I just can't find them to support connections over SSH tunnels created by external tools (for active, ability to specify active listen port, for passive, ability to override passive connection IP). The FAQ and other online documentation does not cover either of these, and without them I'm curious as to how anybody has ever gotten WinSCP working this way.

Thanks,
JC
JCipriani_

Guest


Has anybody ever successfully configured WinSCP to connect to an FTP server through a tunnel set up by a different application? Still hoping for some insight on this.

Thanks!
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25034
Location: Prague, Czechia
The FAQ actually covered tunneling SFTP/SCP sessions only, although it was never mentioned. I have updated the FAQ to cover FTP sessions too. However please note that I have not tested it actually Smile So please let me know if it works.

Also this issue is being tracked already.
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License