SEO

Sam Nichols wrote:

> So with some help from Kenneth I've got a tunnel (on 20 and 21) to my
> linux server from my local machine and am running vsftpd on the server.
> Problem is when I 'ftp localhost' it gives me 'ftp: connect to address
> ::1: Connection refused' and won't connect. I did some testing and the
> tunnel works (I made a tunnel to 22 [ssh] and it worked fine), I think
> the problem is with vsftpd. I looked through the manual and all the
> vsftpd.conf options but nothing fixed it, any ideas?

May I suggest that you proceed directly to an SSH client with a chroot
cage on the server to get the same sort safe file-transfer environment,
and simply not bother with the FTP server?

In article <jh_Ka.29347$pH3.11564@news2.east.cox.net>,
"Kenneth A Kauffman" <kkauffman@nospam.headfog.com> wrote:

> "Nico Kadel-Garcia" <nkadel@verizon.net> wrote in message
> news:uHLKa.276$oF.264@nwrdny03.gnilink.net...
> > Sam Nichols wrote:
> >
> > > So with some help from Kenneth I've got a tunnel (on 20 and 21) to my
> > > linux server from my local machine and am running vsftpd on the server.
> > > Problem is when I 'ftp localhost' it gives me 'ftp: connect to address
> > > ::1: Connection refused' and won't connect. I did some testing and the
> > > tunnel works (I made a tunnel to 22 [ssh] and it worked fine), I think
> > > the problem is with vsftpd. I looked through the manual and all the
> > > vsftpd.conf options but nothing fixed it, any ideas?
> >
> > May I suggest that you proceed directly to an SSH client with a chroot
> > cage on the server to get the same sort safe file-transfer environment,
> > and simply not bother with the FTP server?
> >
>
> If I recall correctly, he has a specific client that he needs to use that
> only supports FTP. However, by using port forwarding, he should be able to
> connect directly to the FTP server via the SSH tunnel.
>
> Assuming you are using putty on the windows side:
>
> in the SSH Tunnels definition add:
> SOURCE PORT : 20 DESTINATION (local): <ip of the ftp server listening
> address>:20
> SOURCE PORT : 21 DESTINATION (local): <ip of the ftp server listening
> address>:21
>
> Your entries should then look like this in the window:
> L20 <yourip>:20
> L21 <yourip>:21
>
> Save the settings.
>
> Now SSH into your remote machine. Once you have SSHd into the remote
> machine the tunnel is "ready" to be used. This is important. From your FTP
> client, you will wan to FTP into hostname "localhost" and NOT the remote IP
> address. The redirection will occur in the SSH forwarding tunnel. It
> basically takes the localhost:<port> and forwards it to the address you
> specified in putty.
>
> If you are not using putty, you will need to figure out how to do this with
> whatever your SSH client is.
>
> I've tested this out from work to my home machine using a remote FTP client.
> This is the only solution I can think of because of the limited nature of
> the FTP client you are using.
>
> ken k

Yes, I have a client that will only use FTP (BBEdit) so I need to use a
tunnel to FTP. And I'm pretty sure the connections are solid, and there
is something preventing the tunnel from talking to the FTP port, I'm on
a unix box (OS X). I've got the two connections running:

ssh -l <user> -f -N -L 21:host.net:21 host.net
ssh -l <user> -f -N -L 20:host.net:20 host.net

If I ftp localhost it gives me:

'ftp: connect to address ::1: Connection refused'

I also setup a tunnel to one of our work computers and ftp'd to that and
it worked fine so I know in theory my ftp tunnel should work. Also, as
another test, I did:

ssh -l <user> -f -N -L 9999:host.net:22 host.net

Which is the ssh port, and then ran 'telnet <user>@localhost 9999' and
the tunnel worked, it connected me to my ssh port on the remote machine
so I know the tunnel should work to my remote machine. Which leads me
to the conclusion that vsftpd is rejecting my advances for some reason
but I can't figure out why

"Sam Nichols" <sizam@inerd.net> wrote in message
news:sizam-34B918.10110327062003@news.stanford.edu...
> In article <jh_Ka.29347$pH3.11564@news2.east.cox.net>,
> "Kenneth A Kauffman" <kkauffman@nospam.headfog.com> wrote:
>
> > "Nico Kadel-Garcia" <nkadel@verizon.net> wrote in message
> > news:uHLKa.276$oF.264@nwrdny03.gnilink.net...
> > > Sam Nichols wrote:
> > >
> > > > So with some help from Kenneth I've got a tunnel (on 20 and 21) to
my
> > > > linux server from my local machine and am running vsftpd on the
server.
> > > > Problem is when I 'ftp localhost' it gives me 'ftp: connect to
address
> > > > ::1: Connection refused' and won't connect. I did some testing and
the
> > > > tunnel works (I made a tunnel to 22 [ssh] and it worked fine), I
think
> > > > the problem is with vsftpd. I looked through the manual and all the
> > > > vsftpd.conf options but nothing fixed it, any ideas?
> > >
> > > May I suggest that you proceed directly to an SSH client with a chroot
> > > cage on the server to get the same sort safe file-transfer
environment,
> > > and simply not bother with the FTP server?
> > >
> >
> > If I recall correctly, he has a specific client that he needs to use
that
> > only supports FTP. However, by using port forwarding, he should be able
to
> > connect directly to the FTP server via the SSH tunnel.
> >
> > Assuming you are using putty on the windows side:
> >
> > in the SSH Tunnels definition add:
> > SOURCE PORT : 20 DESTINATION (local): <ip of the ftp server
listening
> > address>:20
> > SOURCE PORT : 21 DESTINATION (local): <ip of the ftp server
listening
> > address>:21
> >
> > Your entries should then look like this in the window:
> > L20 <yourip>:20
> > L21 <yourip>:21
> >
> > Save the settings.
> >
> > Now SSH into your remote machine. Once you have SSHd into the remote
> > machine the tunnel is "ready" to be used. This is important. From your
FTP
> > client, you will wan to FTP into hostname "localhost" and NOT the remote
IP
> > address. The redirection will occur in the SSH forwarding tunnel. It
> > basically takes the localhost:<port> and forwards it to the address you
> > specified in putty.
> >
> > If you are not using putty, you will need to figure out how to do this
with
> > whatever your SSH client is.
> >
> > I've tested this out from work to my home machine using a remote FTP
client.
> > This is the only solution I can think of because of the limited nature
of
> > the FTP client you are using.
> >
> > ken k
>
> Yes, I have a client that will only use FTP (BBEdit) so I need to use a
> tunnel to FTP. And I'm pretty sure the connections are solid, and there
> is something preventing the tunnel from talking to the FTP port, I'm on
> a unix box (OS X). I've got the two connections running:
>
> ssh -l <user> -f -N -L 21:host.net:21 host.net
> ssh -l <user> -f -N -L 20:host.net:20 host.net
>
> If I ftp localhost it gives me:
>
> 'ftp: connect to address ::1: Connection refused'
>
> I also setup a tunnel to one of our work computers and ftp'd to that and
> it worked fine so I know in theory my ftp tunnel should work. Also, as
> another test, I did:
>
> ssh -l <user> -f -N -L 9999:host.net:22 host.net
>
> Which is the ssh port, and then ran 'telnet <user>@localhost 9999' and
> the tunnel worked, it connected me to my ssh port on the remote machine
> so I know the tunnel should work to my remote machine. Which leads me
> to the conclusion that vsftpd is rejecting my advances for some reason
> but I can't figure out why

Instead of host.net, try the actual IP assigned to the NIC card and give
that a whirl. Also make sure that VSFTP is listening on that IP address.

ken k

"Sam Nichols" <sizam@inerd.net> wrote in message
news:sizam-34B918.10110327062003@news.stanford.edu...
> In article <jh_Ka.29347$pH3.11564@news2.east.cox.net>,
> "Kenneth A Kauffman" <kkauffman@nospam.headfog.com> wrote:
>
> > "Nico Kadel-Garcia" <nkadel@verizon.net> wrote in message
> > news:uHLKa.276$oF.264@nwrdny03.gnilink.net...
> > > Sam Nichols wrote:
> > >
> > > > So with some help from Kenneth I've got a tunnel (on 20 and 21) to
my
> > > > linux server from my local machine and am running vsftpd on the
server.
> > > > Problem is when I 'ftp localhost' it gives me 'ftp: connect to
address
> > > > ::1: Connection refused' and won't connect. I did some testing and
the
> > > > tunnel works (I made a tunnel to 22 [ssh] and it worked fine), I
think
> > > > the problem is with vsftpd. I looked through the manual and all the
> > > > vsftpd.conf options but nothing fixed it, any ideas?
> > >
> > > May I suggest that you proceed directly to an SSH client with a chroot
> > > cage on the server to get the same sort safe file-transfer
environment,
> > > and simply not bother with the FTP server?
> > >
> >
> > If I recall correctly, he has a specific client that he needs to use
that
> > only supports FTP. However, by using port forwarding, he should be able
to
> > connect directly to the FTP server via the SSH tunnel.
> >
> > Assuming you are using putty on the windows side:
> >
> > in the SSH Tunnels definition add:
> > SOURCE PORT : 20 DESTINATION (local): <ip of the ftp server
listening
> > address>:20
> > SOURCE PORT : 21 DESTINATION (local): <ip of the ftp server
listening
> > address>:21
> >
> > Your entries should then look like this in the window:
> > L20 <yourip>:20
> > L21 <yourip>:21
> >
> > Save the settings.
> >
> > Now SSH into your remote machine. Once you have SSHd into the remote
> > machine the tunnel is "ready" to be used. This is important. From your
FTP
> > client, you will wan to FTP into hostname "localhost" and NOT the remote
IP
> > address. The redirection will occur in the SSH forwarding tunnel. It
> > basically takes the localhost:<port> and forwards it to the address you
> > specified in putty.
> >
> > If you are not using putty, you will need to figure out how to do this
with
> > whatever your SSH client is.
> >
> > I've tested this out from work to my home machine using a remote FTP
client.
> > This is the only solution I can think of because of the limited nature
of
> > the FTP client you are using.
> >
> > ken k
>
> Yes, I have a client that will only use FTP (BBEdit) so I need to use a
> tunnel to FTP. And I'm pretty sure the connections are solid, and there
> is something preventing the tunnel from talking to the FTP port, I'm on
> a unix box (OS X). I've got the two connections running:
>
> ssh -l <user> -f -N -L 21:host.net:21 host.net
> ssh -l <user> -f -N -L 20:host.net:20 host.net
>
> If I ftp localhost it gives me:
>
> 'ftp: connect to address ::1: Connection refused'
>
> I also setup a tunnel to one of our work computers and ftp'd to that and
> it worked fine so I know in theory my ftp tunnel should work. Also, as
> another test, I did:
>
> ssh -l <user> -f -N -L 9999:host.net:22 host.net
>
> Which is the ssh port, and then ran 'telnet <user>@localhost 9999' and
> the tunnel worked, it connected me to my ssh port on the remote machine
> so I know the tunnel should work to my remote machine. Which leads me
> to the conclusion that vsftpd is rejecting my advances for some reason
> but I can't figure out why

Also, have you tried it without the -f and -N options (just in case).

ken k

In article <9m0La.29591$pH3.7822@news2.east.cox.net>,
"Kenneth A Kauffman" <kkauffman@nospam.headfog.com> wrote:

> "Sam Nichols" <sizam@inerd.net> wrote in message
> news:sizam-34B918.10110327062003@news.stanford.edu...
> > In article <jh_Ka.29347$pH3.11564@news2.east.cox.net>,
> > "Kenneth A Kauffman" <kkauffman@nospam.headfog.com> wrote:
> >
> > > "Nico Kadel-Garcia" <nkadel@verizon.net> wrote in message
> > > news:uHLKa.276$oF.264@nwrdny03.gnilink.net...
> > > > Sam Nichols wrote:
> > > >
> > > > > So with some help from Kenneth I've got a tunnel (on 20 and 21) to
> my
> > > > > linux server from my local machine and am running vsftpd on the
> server.
> > > > > Problem is when I 'ftp localhost' it gives me 'ftp: connect to
> address
> > > > > ::1: Connection refused' and won't connect. I did some testing and
> the
> > > > > tunnel works (I made a tunnel to 22 [ssh] and it worked fine), I
> think
> > > > > the problem is with vsftpd. I looked through the manual and all the
> > > > > vsftpd.conf options but nothing fixed it, any ideas?
> > > >
> > > > May I suggest that you proceed directly to an SSH client with a chroot
> > > > cage on the server to get the same sort safe file-transfer
> environment,
> > > > and simply not bother with the FTP server?
> > > >
> > >
> > > If I recall correctly, he has a specific client that he needs to use
> that
> > > only supports FTP. However, by using port forwarding, he should be able
> to
> > > connect directly to the FTP server via the SSH tunnel.
> > >
> > > Assuming you are using putty on the windows side:
> > >
> > > in the SSH Tunnels definition add:
> > > SOURCE PORT : 20 DESTINATION (local): <ip of the ftp server
> listening
> > > address>:20
> > > SOURCE PORT : 21 DESTINATION (local): <ip of the ftp server
> listening
> > > address>:21
> > >
> > > Your entries should then look like this in the window:
> > > L20 <yourip>:20
> > > L21 <yourip>:21
> > >
> > > Save the settings.
> > >
> > > Now SSH into your remote machine. Once you have SSHd into the remote
> > > machine the tunnel is "ready" to be used. This is important. From your
> FTP
> > > client, you will wan to FTP into hostname "localhost" and NOT the remote
> IP
> > > address. The redirection will occur in the SSH forwarding tunnel. It
> > > basically takes the localhost:<port> and forwards it to the address you
> > > specified in putty.
> > >
> > > If you are not using putty, you will need to figure out how to do this
> with
> > > whatever your SSH client is.
> > >
> > > I've tested this out from work to my home machine using a remote FTP
> client.
> > > This is the only solution I can think of because of the limited nature
> of
> > > the FTP client you are using.
> > >
> > > ken k
> >
> > Yes, I have a client that will only use FTP (BBEdit) so I need to use a
> > tunnel to FTP. And I'm pretty sure the connections are solid, and there
> > is something preventing the tunnel from talking to the FTP port, I'm on
> > a unix box (OS X). I've got the two connections running:
> >
> > ssh -l <user> -f -N -L 21:host.net:21 host.net
> > ssh -l <user> -f -N -L 20:host.net:20 host.net
> >
> > If I ftp localhost it gives me:
> >
> > 'ftp: connect to address ::1: Connection refused'
> >
> > I also setup a tunnel to one of our work computers and ftp'd to that and
> > it worked fine so I know in theory my ftp tunnel should work. Also, as
> > another test, I did:
> >
> > ssh -l <user> -f -N -L 9999:host.net:22 host.net
> >
> > Which is the ssh port, and then ran 'telnet <user>@localhost 9999' and
> > the tunnel worked, it connected me to my ssh port on the remote machine
> > so I know the tunnel should work to my remote machine. Which leads me
> > to the conclusion that vsftpd is rejecting my advances for some reason
> > but I can't figure out why
>
> Instead of host.net, try the actual IP assigned to the NIC card and give
> that a whirl. Also make sure that VSFTP is listening on that IP address.
>
> ken k
>
>

Nope, no dice, its just not happening. I think I'll just set my
iptables to only listen to connections from my IP on port 21 and run
with it, unfortuantly.