[unisog] Ftp access to Web servers

Karen A Swanberg swanberg at tc.umn.edu
Tue Jun 11 20:35:45 GMT 2002

on 06/11/02, Reg Quinton wisely declared:

> > The PuTTY clients (SSH2, SCP, SFTP) are good stuff too,
> > http://www.chiark.greenend.org.uk/~sgtatham/putty/

> Why would one even think about FTP?

I'm sorry, I have to chime in on this one. I'm a bit stunned at how often
I get this response in the academic community. Many in the academic
community have neither the funds, the equipment, the time, the abiltiy or
the wherewithall to set up VPN's or certificate servers. Certainly not in
many K-12 situations, and in many small departments such as mine. I've
been working on a solution for port forwarding ftp through SSH for a while
now (mostly a documentation project), and I'm amazed at how often it comes
in handy. Or is _required_ by many propriatary or un-updatable software.

1) Many applications which are in common use have ftp built in but do not
have SSH capabilities. E.g. Dreamweaver 3.0 and before, many data
collecting programs, and Netscape Composer (4.79 and before), to name a

2) I've talked to two seperate vendors of netappliance and remote network
monitoring tools in the last six months that are sending critical security
data (e.g. video camera of server room, processeses running on
workstations) across the internet via ftp. When I asked them about SSH (or
relatives) their responses were variously a) SSH is too processor
intensive, b) who'd want to look at this data anyway and c) OpenSSH is too
buggy/has to be patched too often. Granted, this is *their* problem, but
we have to work with this attitude in vendors all of the time.

3) Some users will simply not change their applications. They know Fetch,
they'll use Fetch, and if a SysAdmin tries to force them to use something
else, they'll go over the SysAdmin's head.

and I've run up against a few others.

As I said, I'm doing some write-ups on how to port forward FTP to various
Server OS's, so what is below is very incomplete, but this is a system
which allows port forwarded FTP to *BSD servers, and I'll be including
Linux, OS X and Windows soon. The nice thing about this is that the user
can set up the tunnel once on each client, open it, and use their own
familiar applications. Clients are Win and Mac:

(These are all works in progress...)

How to set up the SSH server to allow port forwarded SSH (on BSD, I'm
working on other platforms):

How to set up a Mac client:

How to set up a PC client:

And a SSH/VPN info page for the non-computer savvy:

I hope these can help a few people out who are in tight spots. My uses
have found this system to access my webserver to be pretty easy, even
those users who are very stubborn.


-                                                                  -
    Karen Swanberg | Sys Admin | Dept. of Geology and Geophysics    
206 Pillsbury Hall | 310 Pillsbury Ave. SE | University of Minnesota
     Minneapolis, MN 55455  (612) 624-6541  (612) 625-3819 (f)

 Ever try to blow dry a wet werewolf? Well, I wouldn't recommend it.
-                                          -Fredrick Obermeyer     -

More information about the unisog mailing list