On Tue, Aug 2, 2011 at 1:56 PM, Taylor Hedberg <tmhedberg@xxxxxxxxx> wrote: > Maybe somebody has a better solution than this, but to me, the following > would be the obvious approach. > > If host "A" is the fully firewalled server that hosts the FTP directory, > and server "B" is the server on which port 80 is accessible, then: > > 1. Run an FTP daemon on server A which limits access to the users > you specify > 2. On server B: > > ssh -L :80:A:21 > > where "A" is the IP address or hostname of server A would also need the host to connect to, `A:21` is only the forwarding spec: ssh -CNfc arcfour -L 80:A:22 USER@A ... is what you'd want. > Then, clients can FTP to port 80 on server B and their traffic will be > forwarded to the FTP daemon on A. but don't use antiquated FTP, require the use of SFTP for: 1) simplicity 2) security 3) speed 4) SSH -based ... FTP opens oodles of slow connections per session, and would require fancier forwarding (at least 2 ports) C Anthony
