How to secure ftp over SSH (how to make ftpd listen only to 127.0.0.1)?

Pavel Duda element at email.cz
Fri May 21 00:40:34 PDT 2004


Constantine wrote:

> Hello,
> 
> I am very concerned about the security of my servers. My favourite 
> file-management software does not support any other unix standards than 
> plain ftp.
> 
> How is it possible to set up my FreeBSD 5.2.1 that way, that it will 
> accept ftp connections only from itself, so that iff the login to the 
> system is done via SSH with port-forwarding, then one can open 
> ftp-connection?
> 
> (It will be very nice if in this case the username/password is not 
> requested again, i.e. the ftp connection is anonymous and yet the 
> ftp-client gets the same rights to files as SSH-logged user, who has the 
> port-forwarding, but this does not sound like easy doable.)
> 
> Put it in other words, how can I make ftpd listen only to 127.0.0.1?
> 
> Constantine.
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe at freebsd.org"
> 

I'm not sure if this is possible to set within ftpd. I'm using classic 
way to block incoming FTP requests from unwanted addresses - IPFW.



More information about the freebsd-questions mailing list