Tunneling FTP on the Command Line
With SSH Tectia Server and Client, it is possible to tunnel FTP connections by using a command with the following syntax:
$ ssh2 -L ftp/x:ftpdserver:y username@sshserver
FTP tunneling is an extension to the generic tunneling mechanism. The FTP control channel can be secured by using generic port forwarding, but since the FTP protocol requires creating separate TCP connections for the files to be transferred, all the files would be transferred unencrypted when using generic port forwarding, as these separate TCP connections would not be forwarded automatically.
To protect also the transferred files, use FTP forwarding instead. It works similarly to generic port forwarding, except that the FTP forwarding code monitors the forwarded FTP control channel and dynamically creates new port forwardings for the data channels as they are requested. To see exactly how this is done, two different cases need to be examined: the active mode and the passive mode of the FTP protocol.