LinuxQuestions.org - how to sftp using a SOCKS v5 proxy

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - how to sftp using a SOCKS v5 proxy (https://www.linuxquestions.org/questions/linux-newbie-8/how-to-sftp-using-a-socks-v5-proxy-789824/)

digger86

02-17-2010 07:25 PM

how to sftp using a SOCKS v5 proxy

what is the command to sftp from one linux host to another linux host through a SOCKS v5 that requires authentication? I have tried:

Code:

# sftp -o "ProxyCommand netcat -X socks_proxy_host:1080 %h %p" external-server

I know this does not have auth in it but I was going to come to that later ;)

output

Code:

Connecting to external-server...

netcat: invalid option -- 'X'

netcat -h for help

ssh_exchange_identification: Connection closed by remote host

Couldn't read packet: Connection reset by peer

the man page for netcat does not show an option -X but the openSSH man page does.

evo2	02-17-2010 08:55 PM

Quote:

Originally Posted by digger86 (Post 3867537)

the man page for netcat does not show an option -X but the openSSH man page does.

So why are you passing -X to netcat?

Evo2.

digger86

02-17-2010 10:19 PM

the -o option passes ssh options and the man page for ssh uses nc which is netcat.

From the OpenSSH man page:

Quote:

ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p

This is not working so that is why I am asking.

evo2	02-17-2010 10:54 PM

Ok, now I understand. There seem to be two problems.

The -X flag for ssh forwards an X connection, which only makes sense for interactive sessions, not for file transfer. I know very little about netcat, so I can only assume that the -X flag is supposed to be passed to netcat, but your version does not accept the -X flag. So perhaps you need to work out what that is supposed to do and replace it with the correct option.

The second problem seems to be that you are not quoting the options correctly.
The example in the man page shows the syntax for an ssh_config file. The syntax on the command line would be

Code:

sftp -oProxyCommand='/usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p'

Evo2.

evo2	02-17-2010 11:01 PM

Ok, I just worked it out. You need to use the netcat from the netcat-openbsd package.

Evo2.

digger86

02-18-2010 10:55 AM

Thanks evo2, it make sense that the openbsd netcat will support it.

I was looking for a solution that does not require additional software. I guess I could always set up an ssh tunnel and then ftp.

digger86

02-19-2010 06:07 PM

how would you do this if you are just using SSH?

skr989

01-25-2011 11:47 AM

This is an old post. Thought my input will help subsequent visitors to this forum.
Below is the command I used to connect SFTP via socks proxy
sftp -oProxyCommand='/usr/bin/nc -v -x10.10.10.10:1080 %h %p' user@sftp.host.com 22

Where,
10.10.10.10 is the SOCKS proxy host (DNS Can also be used)
1080 - SOCKS Port
sftp.host.com - Replace this with sftp host name
user - Replace this with the user id on the sftp server

In case you need to use a public/private key authentication here is how you can do.
sftp -oIdentityFile=/path/to/private-key-file/private-key.key -oProxyCommand='/usr/bin/nc -v -x10.10.10.10:1080 %h %p' user@sftp.host.com 22

You may need to give correct permissions to the private-key.key file.

All times are GMT -5. The time now is 09:27 PM.