EldoS | Feel safer!

Software components for data protection, secure storage and transfer

FTP & SSH

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#35913
Posted: 02/16/2016 17:10:18
by Ken Ivanov (EldoS Corp.)

Quote
Tunneling FTP over SSH, however, requires special tricks and with existing TElSimpleFTPSClient it won't be possible.

In fact, it is possible - setting AutoAdjustPasvAddress to true makes the component adjust its passive destination host to the same address as used by the control channel (127.0.0.1 in the above case).

This is unlikely to be possible with third-party FTP/FTPS components though.
#35914
Posted: 02/16/2016 17:12:51
by Eugene Mayevski (EldoS Corp.)

Quote
Ken Ivanov wrote:
In fact, it is possible - setting AutoAdjustPasvAddress to true makes the component adjust its passive destination host to the same address as used by the control channel (127.0.0.1 in the above case).


And what about the port part, which also needs to be adjusted?


Sincerely yours
Eugene Mayevski
#35915
Posted: 02/16/2016 17:21:16
by Ken Ivanov (EldoS Corp.)

As far as I understood, Martin's implementation is already capable of capturing the port and opening a local port with the same number for tunneling.
#35916
Posted: 02/16/2016 17:34:17
by Eugene Mayevski (EldoS Corp.)

It's possible that the specified port will be blocked on this particular client computer, so a "hook" event would be preferred in this situation, as it would provide more flexibility. Still this is a custom work.


Sincerely yours
Eugene Mayevski
#35926
Posted: 02/17/2016 10:15:25
by Andre Paradis (Standard support level)
Joined: 02/14/2013
Posts: 31

thank you guys, i got it working !
#35930
Posted: 02/17/2016 12:21:01
by Andre Paradis (Standard support level)
Joined: 02/14/2013
Posts: 31

I still have a few questions

I would like to create a encrypted tunnel between 2 machines, a workstation and a server in which I can send files via ftp, telnet, and whatnot, without having to trap port numbers and create tunnels on the fly

I thought that the dynamicportforwarding option on the fowarding compontent did that ?? what is it for ??
#35931
Posted: 02/17/2016 12:25:42
by Eugene Mayevski (EldoS Corp.)

The problem with trapping the port numbers came from the specifics of FTP.

Dynamic port forwarding is an option, and maybe it could work even in case of FTP. The idea is that you setup dynamic port forwarding and it acts as a SOCKS server. Then you configure the client to use the address and port number of the set up port forwarding as SOCKS server parameters in the client (if the client supports SOCKS servers -- our components do).


Sincerely yours
Eugene Mayevski
#35940
Posted: 02/18/2016 11:51:02
by Andre Paradis (Standard support level)
Joined: 02/14/2013
Posts: 31

Ok i got it working with dynamic port forwarding

Only issue is when the first transfer is completed, the connection is closed and the next transfer does not work
#35942
Posted: 02/18/2016 12:07:55
by Ken Ivanov (EldoS Corp.)

Could you please elaborate on which exactly connection is closed and if there are any errors reported by the client, server or your forwarding component?

If it's the forwarding component that shuts its SSH connection down when the FTP session is over, please check that its CloseIfNoActiveTunnels property is switched off.

Ken
#35943
Posted: 02/18/2016 12:16:55
by Andre Paradis (Standard support level)
Joined: 02/14/2013
Posts: 31

Code
procedure TfrmMain.ForwardingConnectionClose(Sender: TObject;
  Conn: TElSSHForwardedConnection);




which gives me :

Code
Log('Secure channel closed', false);


the ftp clients wants to initiate the transfer of a second file on the active tunnel,but the channel is closed
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.

Reply

Statistics

Topic viewed 5349 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!