Ftp + Ssl ?

maggus · 02-20-2007, 08:00 AM

Hi,

I have ftp server running at my home (vsftpd on Fedora5), and I want to access it from my work. But at my work proxy blocks all the ports except http and SSL.
Question: Can I tunnel ftp through ssl somehow, or are there any other things I can try?

Thanks,
Mike

wgbjr · 02-20-2007, 09:06 AM

Should be able to use putty to pipe the connection through SSH.

Info here.

maggus · 02-20-2007, 09:27 AM

SSH port is also blocked.

Any other ideas?

wgbjr · 02-20-2007, 09:33 AM

Sorry, I read too fast.

pdw_hu · 02-20-2007, 09:37 AM

This might not work: but why don't you try putting your home FTP server to the SSL port?

wgbjr · 02-20-2007, 09:40 AM

Do you have a web server running on the server at home?

maggus · 02-20-2007, 09:52 AM

Yes, I do have web server working at home. And I am able to connect to it using both http and ssl. Can I emulate ftp with web server?

to pdw_hu: I have some services running through ssl, so I do not want to loose them if I change ssl port to ssh service.

wgbjr · 02-20-2007, 09:56 AM

I was just thinking if you didn't have a web server running, your ftp server could run on port 80.

I don't see another way to get around it right now, but I am sure someone more experienced than me may have an answer.

maggus · 02-20-2007, 10:53 AM

I am thinking about setting up ssh as port 80, and web server on some other ports. And do all connections through ssh tunneling. Including http, ftp, and ssl.
That's the only possible solution I can think of. The problem is that regular web server users would not know about 80 being ssh, not http port. and for them http would not work.

Thanks anyway wgbjr

Mike

wgbjr · 02-20-2007, 11:09 AM

I would assume then that you use SSL as well on your server?

maggus · 02-20-2007, 11:35 AM

Yes, I do.

wgbjr · 02-20-2007, 11:46 AM

Well, my experience says you are limited on what you can do. You have two ports to work with, and those ports are used.

Maybe someone else has some ideas? I would be interested in seeing how it could happen myself.

1jnike · 02-20-2007, 01:13 PM

Hi wgbjr,

I am fairly new to all this, but you could try the following link:

http://www.iana.org/assignments/port-numbers

I hope you find it usful.

1jnike

anomie · 02-20-2007, 03:18 PM

Well, you have a limited number of ports to work with, so how about this:

Run sshd on port 80 at home. Allow X11 forwarding. This means you can -

Copy files back and forth using scp or sftp. (ftp no longer needed.)
Run your web browser directly from your home box (over ssh) and point it to localhost. Your web server can listen on some arbitrary port.

Will that do it? Or are there some other pieces to this puzzle?

Jaqui · 02-20-2007, 04:05 PM

http and https are NOT limited to port 80 and 443, you can have the webserver on your system use any port you want, you just have to modify the dns entry to include the port:
http://mydomain.com:90
https://mydomain.com:768

a common alternate port for http is 8080

for the webserver conf, change the port part of the conf to be * then it will listen on ALL ports on the ipaddress of the server, not just 80.

you only have to specify a port if you have muliple sites using ssl, since the cert served for ssl is ip address specific.