[Server A] ----- [FTP server] ---- [Server B]
Server A and B can both see the FTP server but not each other. Is there a way to create a tunnel between them through the ftp server, only using the FTP protocol?
FTP will only transfer data to disk or from disk, so the only way to tunnel anything is to store the data on one side and retrieve them on the other side.
You need to install a FTP Proxy on the FTP server, maybe your server already supports proxy connections. This allows Server A to connect to FTP Server and use it as a proxy to connect to Server B and vice versa.
Once Server A has connected to the FTP Server, the FTP Protocol allows to send the command USER <user>#ServerB which will result in FTP Server connecting to Server B and function as a proxy from now on.
I have some experience with FileZilla and it worked fine for me testing a FTP Proxy Product as it offers a lot of the supported mechanisms how to tell a FTP Proxy to connect to the destination server. It also displays all FTP Commands which will be send over the wire, which really helped a lot in troubleshooting.
Related
So I'm working on a project by connecting to an FTP server which hosts the project (webdev app project based in PHP).
However I want to go work from cafe's once in a while an not just from home and i was wondering how can I do that securely?
The FTP connection is encrypted with "Pure FTP" setting in Netbeans, and there's a username and password requirement from the FTP server.
I also have a running VPN service on my laptop.
Is this enough? Or should I secure it better? I tried to find information but my search did not yield sufficient information, so any reference will also be great.
Code#30
You don't. FTP is plaintext protocol and public wifi is usually not encrypted if it is what you mean. You don't want to send passwords over this. But there are several way how to make it usable:
Use SFTP or FTPS, which adds a layer of security to the file transfer protocol.
Use VPN to the network where the FTP server is (not VPN to somewhere else -- you would be still tranfering the passwords from the other side of VPN).
Use stunnel, SSH port forwarding or SSH SOCKS proxy.
In my university I have a server (CLUB Server) but the university local network is closed I mean I can not access the server from outside (from my house for example) but the server have the ability to access another server on the internet so in order to control the server I decided to make my home computer a server and buy a Fix-IP and configure the server to connect to my home server and in that way I will be able to control the University server from my home server
So it's easy to do that for example I can make an IRC server at home and when the university server connect to my home server I will send him command in on the chat space but this is not enough because I want to control the university server terminal so is there any existing application that have the ability to do such a thing or I have to program the control of my IRC chat commands one by one , please post any information you have ?
you can daisy chain ssh from machine to machine. log onto the the server you can get to from the outside with user#ip once logged in there ssh through the LAN with user# lan ip for that server.
The solution is to use the Reverse SSH and it's to make the server connect to the client and make an SSH port forwarding from client computer to the server so anyone will be able to connect to the server just by connecting to the client computer
For more informations -> https://www.howtoforge.com/reverse-ssh-tunneling
I use ssh keys to access a server at lets say 200.200.200.200. It works fine. How can i access that server in my host as 127.0.0.1?
I have tried my best but couldn't make it work.
You normally do this via port forwarding so you forward the remote port (the one from the server) that you are interested in to your local machine. Then you can access it via 127.0.0.1:
Example tutorial:
https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding
In putty it is also straight forward:
http://www.cs.uu.nl/technical/services/ssh/putty/puttyfw.html
You could also modify your local hosts file to point to this server but that often causes hick ups with local services.
I have a local web server which has only outgoing internet access.
I have a public server on the cloud, which cannot access my local web server directly.
I want to find a way to have my local web server connected to the public server, and for the public server to act as a reverse proxy to forward web request to my local web server, and return the response to the public server.
I have been looking at node-http-proxy to try use a public server to forward http request to another local web server which has no incoming ports opened. But it seems that node-http-proxy assumes that the reverse proxy server has access to the local network.
Is there any solution out there?
Thanks.
A proxy generally is fronting a set of connections. What you are really asking here is how to make requests of a private webserver without being able to initiate communications with it. Given the naturw of HTTP I'm not sure a thing exists.
You could try addressing this with a secure tunnel (openVPN or stunnel etc. ) where you establish a link between servers from "inside out" but then make connections in the expected direction over that link. But you are basically opening up that protected server to that host which may be more exposure than what you want.
I have a doubt about the following system architecture:
Lets say we have three machines:
SERVER A
SERVER B
EXTERNAL A
SERVER A is offering some streaming services and its behind an uknown network, so it opens a reverse SSH tunnel to SERVER B on an specified PORT, so SERVER B can access to SERVER A service by http: //localhost:PORT
SERVER B is running linux and openssh server for accepting the tunnel. (this server is public)
The doubt comes when I want to access the streaming service offered by SERVER A from EXTERNAL A via the public SERVER B. Suposing I know the PORT I'd like to achieve something like:
EXTERNAL A -> 'http: //serverB_IP:PORT' -> SERVERB -> 'http ://localhost/PORT' -> Tunnel -> SERVER A service.
To entangle it even more there could be plenty SERVER A servers which opens a Tunnel with SERVER B (each one on a different port correctly managed).
Any idea about how to achieve that?
if you enable
GatewayPorts yes
in your sshd_config on server b then it is possible to connect from the outside to server b and make use of the established tunnel to server a. by default GatewayPorts is disabled and the tunnel will only work locally.