Tunneling FTP on the Command Line
With SSH Tectia Server and Client, it is possible to tunnel FTP
connections by using a command with the following syntax:
$ ssh2 -L ftp/x:ftpdserver:y username@sshserver
FTP tunneling is an extension to the generic tunneling mechanism. The FTP
control channel can be secured by using generic port forwarding, but since the
FTP protocol requires creating separate TCP connections for the files to be
transferred, all the files would be transferred unencrypted when using generic port
forwarding, as these separate TCP connections would not be forwarded automatically.
To protect also the transferred files, use FTP forwarding instead. It works
similarly to generic port forwarding, except that the FTP forwarding code
monitors the forwarded FTP control channel and dynamically creates new port
forwardings for the data channels as they are requested. To see exactly how this
is done, two different cases need to be examined: the active mode and the
passive mode of the FTP protocol.