Anyone Familiar With Ssh Access & Putty?

[Veazer]

I'm trying to do some site-to-site transfer to speed up the process of moving a website, but I can't use ftp successfully from within SSH. It acts as if it connects to the site, but you can see it's not the real FTP server (which is running Matrix).

The same credentials from a command prompt (domain name and user removed):

C:\>ftp

ftp> open ftp.domain.com

Connected to ftp.domain.com.

220-Matrix FTP server ready.

220-This is a private system - No anonymous login

220-IPv6 connections are also welcome on this server.

220 Please note: files for your website must be stored under the htdocs directory.

User (ftp.domain.com:(none)): username

331 User domain.com OK. Password required

Password:

230 OK. Current directory is /

ftp> ls -la

200 PORT command successful

150 Connecting to port 5002

drwx-----x 5 176062 500 4096 Dec 27 10:11 .

drwx-----x 5 176062 500 4096 Dec 27 10:11 ..

-rw------- 1 176062 500 1832 Jan 2 09:45 .bash_history

-rw------- 1 176062 500 24 Sep 20 11:09 .bash_logout

-rw------- 1 176062 500 191 Sep 20 11:09 .bash_profile

-rw------- 1 176062 500 124 Sep 20 11:09 .bashrc

-rw-r--r-- 1 176062 500 73467056 Oct 10 10:54 backup_(2007-10-11_1622).zip

-rw-r--r-- 1 176062 500 82727510 Dec 27 10:10 backup_(2007-12-27_1611).zip

drwx---rwx 16 176062 500 4096 Oct 10 10:55 htdocs

drwx------ 3 176062 500 4096 Jan 6 04:12 logfiles

drwx-----x 2 176062 500 4096 Sep 20 11:08 private

226-Options: -a -l

226 11 matches total

ftp: 763 bytes received in 0.09Seconds 8.12Kbytes/sec.

ftp>

And again from PuTTY:

[~]# ftp

ftp> open ftp.domain.com

Connected to ftp.domain.com.

220---------- Welcome to Pure-FTPd [TLS] ----------

220-You are user number 1 of 50 allowed.

220-Local time is now 09:14. Server port: 21.

220-This is a private system - No anonymous login

220-IPv6 connections are also welcome on this server.

220 You will be disconnected after 15 minutes of inactivity.

500 This security scheme is not implemented

500 This security scheme is not implemented

KERBEROS_V4 rejected as an authentication type

Name (ftp.domain.com:kconvers): domain.com

331 User USER

OK. Password required

Password:

530 Login authentication failed

Login failed.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp>

[dsys]

This is non trivial:

The easiest way to proceed would be to stuff a local host dummy tunnel into your ssh and hence wrap the ftp in the ssh tunnel.

here's how i do it -

on putty:

Click the Session category. In this category do the following:

1. Type the host name or IP address of the web server that is running SSH in the Host Name text box.
   
2. Select the SSH protocol option.
   
3. Name the session in the Saved Sessions field.
   
4. Click Save.
   

Click the Connection category and then expand the SSH category and select Tunnels. In the Tunnels subcategory you will enter the Source port (local port) and destination information:

1. In the Source port field, enter an arbitrary local port number that is not in use An example of a Source port would be: 2051
   
2. In the Destination text box type the host name or IP address followed by a colon ( and the FTP port number (port 21 is the default FTP port). An example of a Destination information would be: 12.02.0.10:21
   
3. Make sure the 'Local' option is selected.
   
4. Click Add.
   
5. Click the Sessions category and then click Save to save tunnel settings for the session.
   
6. Click Open to start an SSH session. Enter your user name and password when prompted, an SSH session must be in progress.
   

Then boot up your favourite FTP program and connect via localhost:2051, the port you selected previously. I am pretty sure you need to use passive FTP here.

Thats how I generally wrap ftp in ssh, however sometimes it works in putty if you specify port 21 explictly, not always though.

[Veazer]

Thanks for your reply

Wouldn't that just establish a secure ftp session between my PC and one of the servers? i want to be able to transfer files between two servers on the internet.

I did this before by simply using PuTTY to get shell access into one of the servers, then establishing an FTP session with the other server and starting the file transfers. I'm sure it worked because i remember being very impressed by the speeds.

Sorry if i misread your advice, i'm very tired and on my way to bed.....

[tjo o tjim]

For transferring between two servers, you just need to SSH into the first server and start an FTP session from there to the second server. Are you specifically trying to tunnel the information over a secure channel, or do you just want to use SSH for the secure shell function; it doesn't sound like this is your objective.

You should just be able to start a remote shell on one of the two servers (not FTP) from PuTTy, assuming you have remote shell access. Log in with your credentials, and then ftp into the second server to perform your transfer.

[dsys]

No you read my post correctly i misread what you were looking for.

Looking at the ftp output i think what you need to try from within putty is open ftp.domain.com:5002 , which may be the port your FTP server is running on. I would need to see the putty logs to be 100% sure but you appear to have some form of port translation going on here, also the pure FTP server is not setup for your authentication methods on an ssl(TLS) connection.

This is the reason I said it was non trivial initally.

[Veazer]

For transferring between two servers, you just need to SSH into the first server and start an FTP session from there to the second server. Are you specifically trying to tunnel the information over a secure channel, or do you just want to use SSH for the secure shell function; it doesn't sound like this is your objective.

You should just be able to start a remote shell on one of the two servers (not FTP) from PuTTy, assuming you have remote shell access. Log in with your credentials, and then ftp into the second server to perform your transfer.

It *should* work that way, but it's not. I'm not trying to tunnel information over a secure channel between the servers, the data is already encrypted so I'm not too worried about it. As you noted, I'm only using SSH to access the shell of one of the servers. It could just as easily be done with telnet if the host allowed it.

When I attempt to FTP into the second server it responds differently then if I attempt to login from my own machine (see the above screen caps). It reports that it is running Pure-FTPd instead of Matrix server. It's as if it is connecting to an entirely different FTP server...

No you read my post correctly i misread what you were looking for.

Looking at the ftp output i think what you need to try from within putty is open ftp.domain.com:5002 , which may be the port your FTP server is running on. I would need to see the putty logs to be 100% sure but you appear to have some form of port translation going on here, also the pure FTP server is not setup for your authentication methods on an ssl(TLS) connection.

This is the reason I said it was non trivial initally.

Tried 5002, connection refused. Why do you believe there is port translation going on? The FTPd server reports that it is using port 21.

I noticed the non-supported authentication errors, but I wasn't attempting to use any encryption or secure authentication. Does that occur because the FTP session was initiated within the SSH connection?

I tried connecting to a public FTP file server from within SSH and it worked fine. I don't get it.

[Veazer]

Never mind, I'm an idiot. Server #1 (the future host of the domain) has already changed their DNS records to reflect the upcoming domain transfer, therefore I was trying to login to the new server... I used the IP address of the current host and it worked as expected

Thanks for your help, sorry to waste your time.

[dsys]

Never mind, I'm an idiot. Server #1 (the future host of the domain) has already changed their DNS records to reflect the upcoming domain transfer, therefore I was trying to login to the new server... I used the IP address of the current host and it worked as expected

Thanks for your help, sorry to waste your time.

its always the easiest answer isnt it. Reason i thought port translation was because you were seeing two different FTP servers.